Schnatti925 | 01.09.2012 18:09 | Should I also carry out steps 1-3 (defogger, OTL scan, gmer (x86-based)) and post the results here?
One more piece of information: the PC is now showing the same slowness problems. It is connected to the same system. Same internet, etc. I am writing this from the laptop, which is connected via Wi-Fi. I have a Telekom 331 LAN modem, with the N300 Wireless Router WNR 2000v3 connected to it. I installed the latest firmware only a few days ago (version V1.1.2.2).
The issue with the other PC has resolved itself. A restart and everything worked again. Sorry.
Malwarebytes Anti-Malware 1.62.0.1300
Malwarebytes : Free anti-malware download
Datenbank Version: v2012.09.01.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Nathalie :: NATHALIE-PC [Administrator]
01/09/2012 18:47:51
LogSep
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 417032
Laufzeit: 3 Stunde(n), 33 Minute(n), 14 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Windows.old\Windows\System32\__IwWrV9V.exe (Adware.AdRotator) -> Keine Aktion durchgeführt.
(Ende)
-------- ESET found nothing. Code:
OTL logfile created on: 02/09/2012 01:10:22 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Nathalie\Downloads\Scansysteme
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,05% Memory free
5,99 Gb Paging File | 4,69 Gb Available in Paging File | 78,33% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 268,79 Gb Total Space | 180,44 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive D: | 29,28 Gb Total Space | 14,59 Gb Free Space | 49,84% Space Free | Partition Type: FAT32
Drive I: | 7,45 Gb Total Space | 7,09 Gb Free Space | 95,16% Space Free | Partition Type: FAT32
Computer Name: NATHALIE-PC | User Name: Nathalie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/01 18:54:40 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Nathalie\Downloads\Scansysteme\OTL.exe
PRC - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/08/29 15:45:24 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
PRC - [2012/08/09 06:50:03 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/24 20:58:08 | 003,091,296 | ---- | M] (Piriform Ltd) -- C:\Programme\CCleaner\CCleaner.exe
PRC - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012/07/14 15:59:08 | 000,738,984 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ForceField.exe
PRC - [2012/06/18 07:06:34 | 008,878,720 | ---- | M] (NTeWORKS) -- C:\Programme\PicPick\picpick.exe
PRC - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/31 21:46:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/20 13:43:56 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ==========
MOD - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
MOD - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2012/07/25 01:17:28 | 000,035,328 | ---- | M] () -- C:\Programme\CCleaner\Lang\lang-1031.dll
MOD - [2011/08/24 00:59:50 | 000,047,972 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
MOD - [2011/05/10 18:02:20 | 000,076,800 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\libgnurx-0.dll
MOD - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
MOD - [2010/11/04 12:21:28 | 000,635,904 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MFL_U_VC9.DLL
MOD - [2009/06/23 04:42:42 | 000,043,008 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2007/09/05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012/07/14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/10 02:16:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/01/06 19:55:47 | 001,564,368 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2010/11/20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/11/04 12:45:14 | 000,186,368 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe -- (MAGIX StartUp Analyze Service)
SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Nathalie\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2012/07/14 15:59:44 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012/05/31 21:46:51 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/31 21:46:51 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/01/09 18:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/01/09 18:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012/01/09 18:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/09/16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/05/07 17:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/12 12:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 12:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/12 12:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/04/27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/16 06:52:00 | 011,573,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67BB476D-508E-4326-9D3C-23996A4DD1C8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=CF1196C2-17A7-4D06-9DF1-5A15ACC5650A&apn_sauid=B529C341-3D5C-45FF-B05C-E67D9CA7C1FD
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={46A84E6B-EF2C-47B0-AAAE-7600A9C66804}&mid=7e29fc70d08947d0a6e0d15650c557f2-434cef8a0017b20bb8bbba9ac4a3c4db3d1fa958&lang=en&ds=bm013&pr=sa&d=2012-08-04 23:29:43&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{A7AD9E6B-F11E-4C1E-9158-6242F00473DD}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73"
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/23 20:14:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/09/01 13:19:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
[2010/04/20 22:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Extensions
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions
[2012/08/23 20:00:21 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012/03/11 04:23:39 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\ffxtlbr@zonealarm.com
[2012/01/10 00:47:40 | 000,000,000 | ---D | M] (SpeedFox) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\jid1-uabu5A9hduqzCw@jetpack
[2012/01/08 14:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\nostmp
[2011/07/29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\askcom.xml
[2010/06/08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\conduit.xml
[2012/09/01 09:51:08 | 000,001,056 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\icqplugin.xml
[2012/08/23 19:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/03/03 21:40:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/01 12:11:21 | 000,773,913 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
[2012/08/23 20:00:22 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/09/01 11:41:25 | 000,221,522 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\GMAILWATCHER@SONTHAKIT.XPI
[2012/07/14 02:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/14 02:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/14 02:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: hxxp://start.icq.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://start.icq.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: Koji NISHIDA = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\acganlmcjehnfmehkmlimgkaloifodlf\2_0\
CHR - Extension: Entanglement = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: BetterFlirt = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\befplpgnchpaahcgdgmljdklhpoonmnc\1.2.2_0\
CHR - Extension: YouTube = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Fun Switcher = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb\0.0.0.3_0\
CHR - Extension: Pic3D | 3D Converter = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgdldhjodnhddcdfagfdmnemdmijbljj\1.0.1.3_0\
CHR - Extension: Elemente und Physik = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcpedjbhjpalhdjkbchahkcceaikoda\1.2.0_0\
CHR - Extension: Facebook Unseen = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjpoahaombpolfifdahikhbdnjjeifk\1.1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: Little Alchemy = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: Google Mail-Checker = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/03/22 00:48:53 | 000,441,475 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15172 more lines...
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [PicPick Start] C:\Program Files\PicPick\picpick.exe (NTeWORKS)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73B78241-87FC-45F0-B59F-D40419A5D436}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/08/21 11:50:32 | 000,000,672 | RH-- | M] () - D:\autoexec.bat -- [ FAT32 ]
O32 - Unable to obtain root file information for disk I:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/02 00:59:29 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\CrashDumps
[2012/09/01 18:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/09/01 13:20:11 | 000,011,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl2.sys
[2012/09/01 13:20:10 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl1.sys
[2012/09/01 13:20:03 | 000,468,272 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/09/01 13:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\ForceField Shared Files
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/09/01 12:11:04 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\tor
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Vidalia
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Tor
[2012/09/01 11:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD
[2012/09/01 11:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012/09/01 11:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012/09/01 11:37:45 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/09/01 11:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/01 11:27:37 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\NPE
[2012/09/01 03:33:31 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Malwarebytes
[2012/09/01 03:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/01 02:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2012/09/01 02:15:14 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2012/09/01 02:15:12 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\MAGIX_MxTray
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\OnDemandDump
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\CrashLog
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2012/09/01 01:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/08/23 20:15:54 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\DDMSettings
[2012/08/23 20:12:30 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/08/23 20:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/08/23 20:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2012/08/23 19:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/08/23 19:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/08/23 19:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/08/23 19:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/08/04 23:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/08/04 23:28:38 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2012/08/04 23:27:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/08/04 23:26:57 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicPick
[2012/08/04 23:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\PicPick
========== Files - Modified Within 30 Days ==========
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:07:44 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/09/02 01:07:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/02 01:07:08 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/02 00:56:06 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000UA.job
[2012/09/02 00:32:02 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/01 19:12:12 | 000,000,000 | ---- | M] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:26:09 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/01 13:23:00 | 000,415,877 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 12:14:28 | 000,000,252 | ---- | M] () -- C:\user.js
[2012/09/01 12:12:43 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:52:19 | 006,286,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/09/01 11:52:19 | 001,904,914 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/09/01 11:52:19 | 000,299,952 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/01 11:52:19 | 000,037,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/01 10:36:49 | 000,000,381 | ---- | M] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/01 02:56:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000Core.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | M] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | M] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:30 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/22 00:58:35 | 000,002,471 | ---- | M] () -- C:\Users\Nathalie\Desktop\Google Chrome.lnk
[2012/08/16 19:48:46 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/15 21:20:05 | 000,294,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/11 01:11:41 | 000,333,108 | ---- | M] () -- C:\Users\Nathalie\Documents\Badoo.jpg
========== Files Created - No Company Name ==========
[2012/09/01 19:12:12 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:20:17 | 000,415,877 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 11:40:33 | 000,000,252 | ---- | C] () -- C:\user.js
[2012/09/01 10:36:49 | 000,000,381 | ---- | C] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/01 02:14:51 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | C] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | C] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:32 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\DriverScanner.job
[2012/08/23 20:12:30 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/11 01:11:41 | 000,333,108 | ---- | C] () -- C:\Users\Nathalie\Documents\Badoo.jpg
[2012/04/12 01:34:01 | 000,011,758 | ---- | C] () -- C:\Users\Nathalie\.recently-used.xbel
[2011/12/30 21:56:14 | 000,000,367 | ---- | C] () -- C:\Users\Nathalie\Heimnetzgruppe - Verknüpfung.lnk
[2011/11/11 21:13:46 | 000,000,058 | -H-- | C] () -- C:\Users\Nathalie\.picasa.ini
[2011/09/16 15:19:30 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{B9E38F41-76A7-48B4-BEC5-EB187A0AF4AD}
[2011/08/10 01:15:13 | 000,000,059 | ---- | C] () -- C:\Users\Nathalie\AppData\Roaming\GoodnightTimer.ini
[2011/06/12 02:55:00 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{D9142E35-3487-4FB1-82E8-B4FFE446A814}
[2011/06/09 20:11:45 | 000,035,298 | -HS- | C] () -- C:\Users\Nathalie\Folder.jpg
[2011/06/09 20:11:45 | 000,008,045 | -HS- | C] () -- C:\Users\Nathalie\AlbumArtSmall.jpg
[2011/06/05 15:25:36 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{E28262CC-8EB1-45CB-8574-02ECBD64B999}
[2011/03/09 22:07:02 | 000,172,032 | ---- | C] () -- C:\Windows\System32\scNKService_s.exe
[2011/03/09 22:06:58 | 000,294,912 | R--- | C] () -- C:\Windows\System32\copydrvUsb.exe
[2010/08/04 23:33:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== LOP Check ==========
[2010/08/30 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\.purple
[2011/12/15 20:09:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\AllDup
[2012/09/01 13:19:41 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/03/11 04:23:47 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoft
[2011/04/16 20:38:35 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/03/27 17:52:10 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\foobar2000
[2012/04/12 01:34:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\gtk-2.0
[2012/01/08 18:47:51 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\ICQ
[2012/09/01 02:15:14 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2010/08/25 00:26:22 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Miranda
[2010/06/08 01:05:17 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\OpenOffice.org
[2010/08/08 17:11:18 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Philipp Winterberg
[2010/11/02 06:20:05 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\PhotoScape
[2012/08/04 23:28:38 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2010/08/24 10:09:27 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Samsung
[2011/08/22 15:10:09 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Simfy
[2012/01/04 16:42:26 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Synthesia
[2010/04/21 00:30:11 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\T-Online
[2012/03/23 18:01:13 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\TeamViewer
[2011/08/29 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Total Immersion
[2012/08/23 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2012/08/24 19:21:06 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Code:
OTL logfile created on: 02/09/2012 01:10:22 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Nathalie\Downloads\Scansysteme
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
2,99 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,05% Memory free
5,99 Gb Paging File | 4,69 Gb Available in Paging File | 78,33% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 268,79 Gb Total Space | 180,44 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive D: | 29,28 Gb Total Space | 14,59 Gb Free Space | 49,84% Space Free | Partition Type: FAT32
Drive I: | 7,45 Gb Total Space | 7,09 Gb Free Space | 95,16% Space Free | Partition Type: FAT32
Computer Name: NATHALIE-PC | User Name: Nathalie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/01 18:54:40 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Nathalie\Downloads\Scansysteme\OTL.exe
PRC - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/08/29 15:45:24 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
PRC - [2012/08/09 06:50:03 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/24 20:58:08 | 003,091,296 | ---- | M] (Piriform Ltd) -- C:\Programme\CCleaner\CCleaner.exe
PRC - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012/07/14 15:59:08 | 000,738,984 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ForceField.exe
PRC - [2012/06/18 07:06:34 | 008,878,720 | ---- | M] (NTeWORKS) -- C:\Programme\PicPick\picpick.exe
PRC - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/31 21:46:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/20 13:43:56 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ==========
MOD - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
MOD - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2012/07/25 01:17:28 | 000,035,328 | ---- | M] () -- C:\Programme\CCleaner\Lang\lang-1031.dll
MOD - [2011/08/24 00:59:50 | 000,047,972 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
MOD - [2011/05/10 18:02:20 | 000,076,800 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\libgnurx-0.dll
MOD - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
MOD - [2010/11/04 12:21:28 | 000,635,904 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MFL_U_VC9.DLL
MOD - [2009/06/23 04:42:42 | 000,043,008 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2007/09/05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012/07/14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/10 02:16:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/01/06 19:55:47 | 001,564,368 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2010/11/20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/11/04 12:45:14 | 000,186,368 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe -- (MAGIX StartUp Analyze Service)
SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Nathalie\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2012/07/14 15:59:44 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012/05/31 21:46:51 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/31 21:46:51 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/01/09 18:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/01/09 18:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012/01/09 18:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/09/16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/05/07 17:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/12 12:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 12:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/12 12:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/04/27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/16 06:52:00 | 011,573,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67BB476D-508E-4326-9D3C-23996A4DD1C8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=CF1196C2-17A7-4D06-9DF1-5A15ACC5650A&apn_sauid=B529C341-3D5C-45FF-B05C-E67D9CA7C1FD
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={46A84E6B-EF2C-47B0-AAAE-7600A9C66804}&mid=7e29fc70d08947d0a6e0d15650c557f2-434cef8a0017b20bb8bbba9ac4a3c4db3d1fa958&lang=en&ds=bm013&pr=sa&d=2012-08-04 23:29:43&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{A7AD9E6B-F11E-4C1E-9158-6242F00473DD}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73"
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/23 20:14:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/09/01 13:19:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
[2010/04/20 22:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Extensions
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions
[2012/08/23 20:00:21 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012/03/11 04:23:39 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\ffxtlbr@zonealarm.com
[2012/01/10 00:47:40 | 000,000,000 | ---D | M] (SpeedFox) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\jid1-uabu5A9hduqzCw@jetpack
[2012/01/08 14:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\nostmp
[2011/07/29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\askcom.xml
[2010/06/08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\conduit.xml
[2012/09/01 09:51:08 | 000,001,056 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\icqplugin.xml
[2012/08/23 19:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/03/03 21:40:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/01 12:11:21 | 000,773,913 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
[2012/08/23 20:00:22 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/09/01 11:41:25 | 000,221,522 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\GMAILWATCHER@SONTHAKIT.XPI
[2012/07/14 02:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/14 02:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/14 02:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: hxxp://start.icq.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://start.icq.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: Koji NISHIDA = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\acganlmcjehnfmehkmlimgkaloifodlf\2_0\
CHR - Extension: Entanglement = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: BetterFlirt = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\befplpgnchpaahcgdgmljdklhpoonmnc\1.2.2_0\
CHR - Extension: YouTube = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Fun Switcher = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb\0.0.0.3_0\
CHR - Extension: Pic3D | 3D Converter = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgdldhjodnhddcdfagfdmnemdmijbljj\1.0.1.3_0\
CHR - Extension: Elemente und Physik = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcpedjbhjpalhdjkbchahkcceaikoda\1.2.0_0\
CHR - Extension: Facebook Unseen = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjpoahaombpolfifdahikhbdnjjeifk\1.1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: Little Alchemy = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: Google Mail-Checker = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/03/22 00:48:53 | 000,441,475 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15172 more lines...
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [PicPick Start] C:\Program Files\PicPick\picpick.exe (NTeWORKS)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73B78241-87FC-45F0-B59F-D40419A5D436}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/08/21 11:50:32 | 000,000,672 | RH-- | M] () - D:\autoexec.bat -- [ FAT32 ]
O32 - Unable to obtain root file information for disk I:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/02 00:59:29 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\CrashDumps
[2012/09/01 18:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/09/01 13:20:11 | 000,011,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl2.sys
[2012/09/01 13:20:10 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl1.sys
[2012/09/01 13:20:03 | 000,468,272 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/09/01 13:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\ForceField Shared Files
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/09/01 12:11:04 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\tor
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Vidalia
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Tor
[2012/09/01 11:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD
[2012/09/01 11:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012/09/01 11:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012/09/01 11:37:45 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/09/01 11:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/01 11:27:37 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\NPE
[2012/09/01 03:33:31 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Malwarebytes
[2012/09/01 03:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/01 02:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2012/09/01 02:15:14 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2012/09/01 02:15:12 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\MAGIX_MxTray
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\OnDemandDump
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\CrashLog
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2012/09/01 01:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/08/23 20:15:54 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\DDMSettings
[2012/08/23 20:12:30 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/08/23 20:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/08/23 20:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2012/08/23 19:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/08/23 19:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/08/23 19:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/08/23 19:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/08/04 23:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/08/04 23:28:38 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2012/08/04 23:27:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/08/04 23:26:57 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicPick
[2012/08/04 23:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\PicPick
========== Files - Modified Within 30 Days ==========
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:07:44 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/09/02 01:07:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/02 01:07:08 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/02 00:56:06 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000UA.job
[2012/09/02 00:32:02 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/01 19:12:12 | 000,000,000 | ---- | M] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:26:09 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/01 13:23:00 | 000,415,877 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 12:14:28 | 000,000,252 | ---- | M] () -- C:\user.js
[2012/09/01 12:12:43 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:52:19 | 006,286,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/09/01 11:52:19 | 001,904,914 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/09/01 11:52:19 | 000,299,952 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/01 11:52:19 | 000,037,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/01 10:36:49 | 000,000,381 | ---- | M] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/01 02:56:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000Core.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | M] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | M] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:30 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/22 00:58:35 | 000,002,471 | ---- | M] () -- C:\Users\Nathalie\Desktop\Google Chrome.lnk
[2012/08/16 19:48:46 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/15 21:20:05 | 000,294,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/11 01:11:41 | 000,333,108 | ---- | M] () -- C:\Users\Nathalie\Documents\Badoo.jpg
========== Files Created - No Company Name ==========
[2012/09/01 19:12:12 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:20:17 | 000,415,877 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 11:40:33 | 000,000,252 | ---- | C] () -- C:\user.js
[2012/09/01 10:36:49 | 000,000,381 | ---- | C] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/01 02:14:51 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | C] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | C] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:32 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\DriverScanner.job
[2012/08/23 20:12:30 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/11 01:11:41 | 000,333,108 | ---- | C] () -- C:\Users\Nathalie\Documents\Badoo.jpg
[2012/04/12 01:34:01 | 000,011,758 | ---- | C] () -- C:\Users\Nathalie\.recently-used.xbel
[2011/12/30 21:56:14 | 000,000,367 | ---- | C] () -- C:\Users\Nathalie\Heimnetzgruppe - Verknüpfung.lnk
[2011/11/11 21:13:46 | 000,000,058 | -H-- | C] () -- C:\Users\Nathalie\.picasa.ini
[2011/09/16 15:19:30 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{B9E38F41-76A7-48B4-BEC5-EB187A0AF4AD}
[2011/08/10 01:15:13 | 000,000,059 | ---- | C] () -- C:\Users\Nathalie\AppData\Roaming\GoodnightTimer.ini
[2011/06/12 02:55:00 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{D9142E35-3487-4FB1-82E8-B4FFE446A814}
[2011/06/09 20:11:45 | 000,035,298 | -HS- | C] () -- C:\Users\Nathalie\Folder.jpg
[2011/06/09 20:11:45 | 000,008,045 | -HS- | C] () -- C:\Users\Nathalie\AlbumArtSmall.jpg
[2011/06/05 15:25:36 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{E28262CC-8EB1-45CB-8574-02ECBD64B999}
[2011/03/09 22:07:02 | 000,172,032 | ---- | C] () -- C:\Windows\System32\scNKService_s.exe
[2011/03/09 22:06:58 | 000,294,912 | R--- | C] () -- C:\Windows\System32\copydrvUsb.exe
[2010/08/04 23:33:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== LOP Check ==========
[2010/08/30 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\.purple
[2011/12/15 20:09:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\AllDup
[2012/09/01 13:19:41 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/03/11 04:23:47 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoft
[2011/04/16 20:38:35 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/03/27 17:52:10 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\foobar2000
[2012/04/12 01:34:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\gtk-2.0
[2012/01/08 18:47:51 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\ICQ
[2012/09/01 02:15:14 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2010/08/25 00:26:22 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Miranda
[2010/06/08 01:05:17 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\OpenOffice.org
[2010/08/08 17:11:18 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Philipp Winterberg
[2010/11/02 06:20:05 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\PhotoScape
[2012/08/04 23:28:38 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2010/08/24 10:09:27 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Samsung
[2011/08/22 15:10:09 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Simfy
[2012/01/04 16:42:26 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Synthesia
[2010/04/21 00:30:11 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\T-Online
[2012/03/23 18:01:13 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\TeamViewer
[2011/08/29 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Total Immersion
[2012/08/23 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2012/08/24 19:21:06 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report > |