Mist, ich bin untröstlich da hatte ich noch den vorherigen Log im Speicher :-/
Jetzt aber:
[QUOTE]--OTL Logfile: Code:
OTL logfile created on: 22.05.2012 20:49:03 - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Zooey Deschanel\Desktop\Data
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 43,69% Memory free
6,50 Gb Paging File | 4,10 Gb Available in Paging File | 63,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,80 Gb Total Space | 12,34 Gb Free Space | 22,11% Space Free | Partition Type: NTFS
Drive D: | 6,33 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 931,51 Gb Total Space | 743,19 Gb Free Space | 79,78% Space Free | Partition Type: NTFS
Computer Name: LIANGPC | User Name: Zooey Deschanel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Programme\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Zooey Deschanel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - F:\Programme\TS3\ts3client_win32.exe (TeamSpeak Systems GmbH)
PRC - F:\Spiele\steam\steam.exe (Valve Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Users\Zooey Deschanel\Desktop\Data\OTL.exe (OldTimer Tools)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - F:\Programme\hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - F:\Programme\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDRSS.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDPop3.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Windows Media Player\WMPSideShowGadget.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\NETGEAR\WG111v3\WG111v3.exe ()
========== Modules (No Company Name) ==========
MOD - F:\Spiele\steam\bin\libcef.dll ()
MOD - F:\Spiele\steam\bin\avcodec-53.dll ()
MOD - F:\Spiele\steam\bin\chromehtml.dll ()
MOD - F:\Spiele\steam\bin\avformat-53.dll ()
MOD - F:\Spiele\steam\bin\avutil-51.dll ()
MOD - C:\Users\Zooey Deschanel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - F:\Programme\TS3\plugins\clientquery_plugin.dll ()
MOD - F:\Programme\TS3\soundbackends\windowsaudiosession_win32.dll ()
MOD - F:\Programme\TS3\soundbackends\directsound_win32.dll ()
MOD - F:\Programme\TS3\plugins\appscanner_plugin.dll ()
MOD - C:\Programme\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - F:\Programme\TS3\QtGui4.dll ()
MOD - F:\Programme\TS3\QtCore4.dll ()
MOD - F:\Programme\TS3\QtNetwork4.dll ()
MOD - F:\Programme\TS3\imageformats\qjpeg4.dll ()
MOD - F:\Programme\TS3\imageformats\qgif4.dll ()
MOD - C:\Programme\NETGEAR\WG111v3\WG111v3.exe ()
========== Win32 Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Hamachi2Svc) -- F:\Programme\hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.)
DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.)
DRV - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\wg111v3.sys (NETGEAR Inc. )
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 7E D1 F9 43 9A CC 01 [binary data]
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: F:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.08 05:06:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.03 09:39:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.24 20:42:38 | 000,000,000 | ---D | M]
[2011.11.03 18:18:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zooey Deschanel\AppData\Roaming\mozilla\Extensions
[2012.05.18 13:05:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zooey Deschanel\AppData\Roaming\mozilla\Firefox\Profiles\cc9ya6lp.default\extensions
[2012.05.18 13:05:23 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Zooey Deschanel\AppData\Roaming\mozilla\Firefox\Profiles\cc9ya6lp.default\extensions\ich@maltegoetz.de
[2012.02.01 21:45:38 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Zooey Deschanel\AppData\Roaming\mozilla\Firefox\Profiles\cc9ya6lp.default\extensions\plugin@yontoo.com
[2012.01.08 05:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.01.08 05:06:36 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
() (No name found) -- C:\USERS\ZOOEY DESCHANEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CC9YA6LP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ZOOEY DESCHANEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CC9YA6LP.DEFAULT\EXTENSIONS\{DF4E4DF5-5CB7-46B0-9AEF-6C784C3249F8}.XPI
() (No name found) -- C:\USERS\ZOOEY DESCHANEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CC9YA6LP.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012.05.03 09:39:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.20 22:36:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.20 16:54:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.20 16:54:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.20 16:54:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.20 16:54:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.20 16:54:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.20 16:54:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.01.06 18:01:42 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Programme\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Programme\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KiesHelper] F:\Programme\Kies\KiesHelper.exe (Samsung)
O4 - HKLM..\Run: [KiesTrayAgent] F:\Programme\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] F:\Programme\hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000..\Run: [Spotify] C:\Users\Zooey Deschanel\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000..\Run: [Spotify Web Helper] C:\Users\Zooey Deschanel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000..\Run: [Steam] F:\Spiele\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Zooey Deschanel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2467157446-3512218533-3410238873-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1BE0245E-3722-4587-8351-0F456FCE2C84}: DhcpNameServer = 192.168.15.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8474337-1BB2-49E4-A5E9-994FB57CCBA6}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.08 12:07:09 | 000,000,000 | ---D | M] - D:\AutoPlay -- [ UDF ]
O32 - AutoRun File - [2010.02.08 10:55:51 | 002,855,560 | ---- | M] (UBISOFT) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2010.02.08 10:55:52 | 000,000,043 | ---- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - State: "bootini" - 2
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - F:\Programme\hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32: VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - DivX.dll (DivX, Inc.)
Drivers32: VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.05.22 11:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.05.22 11:29:41 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{504BB5F9-25AA-44FC-B445-8B0FD017FA7B}
[2012.05.22 11:29:22 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{B45E8E06-EA65-45C5-84B1-1E1C395BA70C}
[2012.05.21 15:52:54 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{6E92C78A-4902-477E-BF75-BD7404FC4655}
[2012.05.21 15:52:35 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{ED71DE65-6D78-4DF7-BA72-E0A70EF2C796}
[2012.05.20 17:09:40 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{9B9C1B01-AA6D-4EE5-8219-1D4220BE3C47}
[2012.05.20 17:09:21 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{8DF34815-6453-4FD6-AAD3-9E4ED499A20D}
[2012.05.20 11:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012.05.20 11:12:24 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{6A539025-ACEE-40B7-A480-E7154DB02738}
[2012.05.20 11:12:02 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{13C4A783-C0D4-45CC-AA63-60D1CB03B64D}
[2012.05.20 00:35:45 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\Neuer Ordner
[2012.05.19 12:14:44 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{87B7BE40-C82E-4441-B1CE-6E3D229C4D63}
[2012.05.19 12:14:24 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{EA7639BE-BFE7-4CA3-A6AF-D82427AFB3CD}
[2012.05.19 01:27:58 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\Spotify
[2012.05.19 01:27:57 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Roaming\Spotify
[2012.05.18 13:05:03 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{6C6C779C-961E-4936-A930-E37F085ADE07}
[2012.05.18 13:04:41 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{C5F22BE1-88CE-48C8-903E-CBC8855F4A88}
[2012.05.17 11:21:11 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{14B8D8F3-AC9C-4187-AE2A-2CF88B7142B9}
[2012.05.17 11:20:52 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{7B924B53-A8F6-49A5-BC0B-9F7D24255191}
[2012.05.17 01:35:04 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{92FED7A6-0868-418C-9E83-729B69F1013C}
[2012.05.17 01:34:44 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{7C6981D9-4758-4688-9998-0FD8015CCB99}
[2012.05.16 18:25:15 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{65C6A0B7-F5D3-49D9-9D64-EDBA695FC69D}
[2012.05.16 18:24:55 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{6F3827B4-3DBA-48CE-B8B0-769675950DE5}
[2012.05.16 15:33:53 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{42F2ACF8-26AE-4175-A782-8F397BFA9C3C}
[2012.05.16 15:33:42 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{2ABD68AA-6E13-4EFE-9BFD-9882486EC761}
[2012.05.16 14:08:04 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{CF4C57C0-28AB-42C9-A320-D21E6EFEE2C5}
[2012.05.16 14:07:44 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{783D71DD-F40F-4A9D-95AB-F0A2A6547306}
[2012.05.15 13:19:22 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{496FF681-79E0-449F-ADCF-506552E5923F}
[2012.05.15 13:19:02 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{080A4FF0-B089-416F-89CA-9F05BCC3AF36}
[2012.05.14 15:49:22 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{91D6638F-89B6-452C-AA03-02BB28B21E9E}
[2012.05.14 15:49:02 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{33EE8461-08D1-45E8-9EFF-AEEE1EFBDF4B}
[2012.05.13 12:55:12 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{B4A183CE-E42F-4CBD-B316-6B45FA60DAA1}
[2012.05.13 12:54:51 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{B50B119B-F437-43FB-9297-665EFECB71A4}
[2012.05.13 04:29:23 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{33B34EA7-5A9E-41F6-AF75-73174BF65A0D}
[2012.05.13 03:20:36 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{65B28F07-2D62-4C00-8BC0-778113E43736}
[2012.05.13 03:20:21 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{15E0C43F-CBC5-4BCF-9B79-7E1026EF9CAE}
[2012.05.12 10:00:47 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{BC4BE65C-A00F-43C8-B68D-B0870068215C}
[2012.05.12 10:00:26 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{EB5082B3-1FD6-41CA-BF52-EDE2AD468130}
[2012.05.11 12:31:49 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{DB5FD67A-1211-4A73-8083-1BD7CC7BE663}
[2012.05.11 12:31:28 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{09EBCED7-7013-49CA-ABBB-CD47C38B3E5C}
[2012.05.10 11:32:50 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{6BFD8103-C4FC-4013-9754-92FDEEFA425D}
[2012.05.10 11:32:30 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{2A4BADAE-0EEE-41C6-B543-8209E513024F}
[2012.05.09 15:44:05 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{627DF269-A8AD-4C47-9A6F-9147997A2D10}
[2012.05.09 15:43:46 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{4C858FA0-6F9D-4B66-871F-A9615FD22256}
[2012.05.08 17:52:18 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{18BD3039-44B9-47C7-84AF-9C55B5A2C229}
[2012.05.08 17:51:58 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{FB3355F6-D4F7-49AF-A074-DEBC64E7B860}
[2012.05.08 13:19:52 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{A86123D1-F935-4207-A981-4F17E0032ADE}
[2012.05.08 13:19:29 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{7BE1045B-F5D5-4A3D-8A70-B0B3AB450ED8}
[2012.05.07 10:06:05 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{24F11ACF-CF74-4F90-A9EB-7DBA88F07736}
[2012.05.07 10:05:44 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{037A9B2D-96D9-47A1-8B88-34F3EB2FACF6}
[2012.05.06 13:09:26 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{6AE53F97-BBA7-4B27-9CDD-5D8273879C88}
[2012.05.06 13:09:05 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{C3879C6B-698A-42AD-A1C2-BFA672B13D87}
[2012.05.05 11:27:47 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{8812D626-3586-4FBA-AF0F-E66D1F8C7BCA}
[2012.05.05 11:27:27 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{3B3CFEAF-AA28-48C2-9326-19663CB29CF4}
[2012.05.05 00:19:28 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{13AEA1DB-EF69-4C85-AE2E-8B80632AA86D}
[2012.05.05 00:19:09 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{266CAA98-652A-4F1D-B265-3D736187C3D9}
[2012.05.04 12:47:22 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{D7F8603E-EEFB-4BCC-BBE2-5666D9FF9AC5}
[2012.05.04 12:47:01 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{9FC27320-B0C9-4162-92D5-99EE85D32021}
[2012.05.03 15:51:36 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{1469C94E-60BE-42D9-8313-14C82B898523}
[2012.05.03 15:51:17 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{76C88997-535D-4AC0-83FB-4049FA1FF6CC}
[2012.05.03 09:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.05.03 09:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.05.03 09:38:33 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{69D83437-E67A-460A-954F-94082CDC351A}
[2012.05.03 09:38:13 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{C082BC1A-A03B-43EC-A974-318BBCA7AA11}
[2012.05.02 19:35:27 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{28523460-EAFE-48B9-8B87-B5B0328D2B77}
[2012.05.02 17:10:54 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{571FD5BC-EAD4-4850-A535-AB0985852276}
[2012.05.02 17:10:35 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{3A6EF2B4-BCF0-47F9-808E-DDA5ABE84B04}
[2012.05.01 12:15:21 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{D0B1B15A-8687-4831-85C3-AF454426CDA9}
[2012.05.01 12:15:02 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{C0D12A85-657D-496F-A6CB-9DCD62563DAD}
[2012.05.01 00:38:08 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{39FF4645-A7AC-4F29-9D02-0462E776D258}
[2012.05.01 00:37:48 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{02335CDF-06DA-4821-A1B5-18B65E9309C1}
[2012.04.30 15:49:02 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{BF681D93-4559-42F4-BEB6-CB79D1D75396}
[2012.04.30 15:48:41 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{CCE3168F-3CC6-4A20-A231-DF8FEE5197F7}
[2012.04.29 19:04:48 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{72EED3EA-7BDE-481A-8E18-900730DB8594}
[2012.04.29 19:04:32 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{64A1F207-975F-45E4-B67A-F1F22D84D1FC}
[2012.04.29 17:42:37 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{92D84984-088D-4236-AD37-2D8E74DF3012}
[2012.04.29 17:42:27 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{C7BBD6F1-E862-4478-AD92-B27E925CAAE3}
[2012.04.29 17:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.04.29 17:15:09 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012.04.29 16:39:43 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{A8F475F1-2464-4D12-9060-242A1C7F859C}
[2012.04.29 16:39:23 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{57F48BC8-0DE1-418C-8AB6-DA704D94F772}
[2012.04.29 11:05:41 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{ACF677E0-74AE-4942-A52D-096CE1F5245E}
[2012.04.29 11:05:21 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{D392FAF2-8CD2-4749-B0E8-5E3DF073E993}
[2012.04.28 20:44:57 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{F5D8FF28-47F3-4FEE-B259-671A293BBD8B}
[2012.04.28 20:44:37 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{8A0C2FC6-78F5-4F2D-97DC-508031E34BB2}
[2012.04.28 17:55:59 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{332E88C5-5DE0-4C80-A5F5-A36585CB64DA}
[2012.04.28 17:55:37 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{60FBDAEE-D646-48A0-BB0C-5C633D4DF3BB}
[2012.04.28 15:14:58 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Roaming\Ubisoft
[2012.04.28 15:14:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012.04.28 13:32:02 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{26660A58-CFF1-475C-8B9B-E9FBDF840ECA}
[2012.04.28 13:31:44 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{D61FBB96-7707-4002-B02D-DFA6F54A34AA}
[2012.04.28 09:43:55 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{62AE4C53-3AB8-4229-AF4C-AD42B4B25EA6}
[2012.04.28 09:43:35 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{1FECD79E-7FEF-4B0F-A3E4-9EB4BF34EDD4}
[2012.04.27 12:43:56 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{200FDD9D-4B81-45F1-BA6E-2FD82DB4ACCB}
[2012.04.27 12:43:37 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{31113462-D2A1-420C-9570-28D74C804005}
[2012.04.26 21:48:14 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{EA2892F2-0082-4EA6-A035-06C64D03E9A8}
[2012.04.26 21:47:42 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{90F22394-642F-4246-AB1B-4A9C68994F10}
[2012.04.26 09:48:01 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{9CCE25FA-E9A9-4907-9843-13D50C15B65F}
[2012.04.26 09:47:42 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{C3112C48-72B0-44BA-8587-A4E5FDCA40ED}
[2012.04.25 17:21:20 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{A81EF66B-4951-4292-A390-2FEAB761E0E9}
[2012.04.25 17:21:01 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{E4B9E9E7-D980-46A0-B10E-441D0ED33557}
[2012.04.24 17:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge
[2012.04.24 17:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge
[2012.04.24 14:01:05 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{F63C57CD-FC7A-444B-9CB4-1A74E760BD8B}
[2012.04.24 14:00:46 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{77DE4987-A870-4A10-A210-78FFC496B69F}
[2012.04.23 15:40:36 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{3AB4899A-290E-4823-BFBA-681BC0D2BEEB}
[2012.04.23 15:40:17 | 000,000,000 | ---D | C] -- C:\Users\Zooey Deschanel\AppData\Local\{C55F0C7A-16F2-48C1-AB43-9B27EEC04838}
========== Files - Modified Within 30 Days ==========
[2012.05.22 11:36:11 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.22 11:36:11 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.22 11:35:22 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.22 11:35:22 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.22 11:35:22 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.22 11:35:22 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.22 11:29:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.22 11:28:54 | 2616,532,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.20 11:23:50 | 000,000,900 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.05.19 01:27:58 | 000,001,854 | ---- | M] () -- C:\Users\Zooey Deschanel\Desktop\Spotify.lnk
[2012.05.13 03:19:53 | 000,300,688 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.08 18:44:46 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.08 18:44:46 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
========== Files Created - No Company Name ==========
[2012.05.20 11:15:18 | 000,000,900 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012.05.19 01:27:58 | 000,001,854 | ---- | C] () -- C:\Users\Zooey Deschanel\Desktop\Spotify.lnk
[2012.05.19 01:27:58 | 000,001,840 | ---- | C] () -- C:\Users\Zooey Deschanel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012.04.29 17:15:43 | 002,515,790 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012.02.05 13:20:12 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2011.11.03 17:22:52 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.11.03 17:22:47 | 000,028,763 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.09.16 12:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.09.16 12:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.09.16 12:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.09.16 12:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.09.16 12:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.06.10 07:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.02 09:17:24 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini
========== LOP Check ==========
[2012.04.01 16:50:37 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\.minecraft
[2012.03.02 20:47:24 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Amazon
[2011.11.03 21:31:50 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\LolClient
[2011.11.20 22:38:59 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\OpenOffice.org
[2012.03.24 21:54:07 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Origin
[2011.11.20 22:45:09 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\PhotoFiltre
[2011.11.11 22:18:28 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Samsung
[2012.05.22 11:33:38 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Spotify
[2012.04.23 15:43:08 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\TS3Client
[2012.04.28 15:14:58 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Ubisoft
[2012.02.02 01:43:31 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\uTorrent
[2012.04.21 18:43:51 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.04.01 16:50:37 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\.minecraft
[2011.11.24 20:43:57 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Adobe
[2012.03.02 20:47:24 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Amazon
[2011.12.18 00:55:59 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Apple Computer
[2011.11.03 18:31:06 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Avira
[2011.11.03 17:14:51 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Identities
[2011.11.03 21:31:50 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\LolClient
[2011.11.03 18:39:39 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Macromedia
[2012.01.06 17:06:14 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Media Center Programs
[2012.02.05 13:18:43 | 000,000,000 | --SD | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Microsoft
[2011.11.03 18:18:20 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Mozilla
[2012.01.07 22:04:11 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\NVIDIA
[2011.11.20 22:38:59 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\OpenOffice.org
[2012.03.24 21:54:07 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Origin
[2011.11.20 22:45:09 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\PhotoFiltre
[2011.11.11 22:18:28 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Samsung
[2012.05.20 21:42:09 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Skype
[2012.05.22 11:33:38 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Spotify
[2012.04.23 15:43:08 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\TS3Client
[2012.04.28 15:14:58 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\Ubisoft
[2012.02.02 01:43:31 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\uTorrent
[2011.11.04 13:38:21 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\vlc
[2011.11.05 18:21:27 | 000,000,000 | ---D | M] -- C:\Users\Zooey Deschanel\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2012.05.19 01:27:58 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\Zooey Deschanel\AppData\Roaming\Spotify\spotify.exe
[2012.05.19 01:27:57 | 000,932,528 | ---- | M] () -- C:\Users\Zooey Deschanel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\ERDNT\cache\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< >
< End of report >
--- --- ---
MfG,
Levi |
