Hallo zusammen!
Sowohl in google chrome (Standartbrowser) als auch in firefox (als vegleichstest installiert) sind seit einigen Tagen die downloads extrem langsam. 5 MB brauchen schonmal 30 min. Videos lade ich schon garnicht mehr, die stocken alle 2 sek.
Ich benutze Windows 7, habe sowohl antiVIR, hijackthis als auch malwarebits durchlaufen lassen. masware hat beim ersten mal miranda32.exe gefunden und gelöscht. Nach neustart etc. geht auch nichts schneller voran.
Habe auch meinen wlan router auf Firmwareupdates geprüft. Alles gut.

Hier die logfiledatei:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.31.13

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Nathalie :: NATHALIE-PC [limitiert]

01/09/2012 12:41:10
mbam-log-2012-09-01 (12-41-10).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 190817
Laufzeit: 5 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Hier hijack:

HiJackthis Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:10, on 01/09/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\PicPick\picpick.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Vidalia Bundle\Polipo\polipo.exe
C:\Windows\system32\conhost.exe
C:\Users\Nathalie\Downloads\stinger1020757.exe
C:\Users\Nathalie\AppData\Local\Temp\{907A1104-E812-4b5c-959B-E4DAB37A96AB}\Install.exe
C:\Users\Nathalie\AppData\Local\Temp\Temp1_AntiBundestrojaner_Globell_V_1_3_3.zip\AntiBundestrojaner.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\notepad.exe
C:\Users\Nathalie\Desktop\HiJackThis204.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Installer] "C:\Program Files\CheckPoint\Install\Launcher.exe" "C:\Program Files\CheckPoint\Install\Install.exe" /r download /c "C:\Program Files\CheckPoint\Install\Install.xml" /w
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Nathalie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [PicPick Start] C:\Program Files\PicPick\picpick.exe /startup
O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000 
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Program Files\Common Files\Marmiko Shared\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [InfoCockpit] C:\Program Files\Common Files\Marmiko Shared\Info-Cockpit\IC_START.EXE /nosplash (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [InfoCockpit] C:\Program Files\Common Files\Marmiko Shared\Info-Cockpit\IC_START.EXE /nosplash (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MAGIX StartUp Analyze Service - MAGIX AG - C:\Program Files\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9464 bytes
         

--- --- ---


Hilfe?!
Danke!

Falls ihr noch irgendwelche Daten braucht, bitte fragen. Ich versuch euch alles zu liefern, bin nur echt eigentlich unwissend weitestgehend. Hoffe es wird trotzdem was

Bitte keine Hijackthis-Logfiles posten!!!

Zitat:

Zitat von Larusso

Uns ist klar, dass HijackThis wahrscheinlich eines der bekanntesten Analysetools ist.

Jedoch scannt es nur noch sehr oberflächlich und gibt uns für eine genaue Analyse eures Systems zu wenig Informationen.

Darum, bitte keine HijackThis Logfiles posten, sondern folgendes lesen und abarbeiten.

http://www.trojaner-board.de/69886-a...-beachten.html

Nur mit diesen Informationen können wir euch helfen.

Danke

Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

Soll ich auch die Schritte 1-3 (defogger, OTL- Scan, gmer (x86 basiert) ) durchführen und hier posten?

Noch eine Info - am PC treten nun die gleichen Langsamkeitsprobleme auf. Dieser ist ans gleiche System angeschlossen. Gleiches Internet etc. Schreibe hier vom Laptop welcher mit Wlan verbunden ist. Habe 331 Lan- Modem der Telekom und daran angeschlossen den N300 WirelessRouter WNR 2000v3. Vor ein paar Tagen habe ich erst die neueste Firmware installiert (Version V1.1.2.2.)

Das mit dem anderen PC hat sich erledigt. Neustart und alles ging wieder. Sorry.

Malwarebytes Anti-Malware 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.09.01.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Nathalie :: NATHALIE-PC [Administrator]

01/09/2012 18:47:51
LogSep

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 417032
Laufzeit: 3 Stunde(n), 33 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Windows.old\Windows\System32\__IwWrV9V.exe (Adware.AdRotator) -> Keine Aktion durchgeführt.

(Ende)

--------ESET hat nichts gefunden

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 02/09/2012 01:10:22 - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Nathalie\Downloads\Scansysteme
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
 
2,99 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,05% Memory free
5,99 Gb Paging File | 4,69 Gb Available in Paging File | 78,33% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 268,79 Gb Total Space | 180,44 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive D: | 29,28 Gb Total Space | 14,59 Gb Free Space | 49,84% Space Free | Partition Type: FAT32
Drive I: | 7,45 Gb Total Space | 7,09 Gb Free Space | 95,16% Space Free | Partition Type: FAT32
 
Computer Name: NATHALIE-PC | User Name: Nathalie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/09/01 18:54:40 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Nathalie\Downloads\Scansysteme\OTL.exe
PRC - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/08/29 15:45:24 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
PRC - [2012/08/09 06:50:03 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/24 20:58:08 | 003,091,296 | ---- | M] (Piriform Ltd) -- C:\Programme\CCleaner\CCleaner.exe
PRC - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012/07/14 15:59:08 | 000,738,984 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ForceField.exe
PRC - [2012/06/18 07:06:34 | 008,878,720 | ---- | M] (NTeWORKS) -- C:\Programme\PicPick\picpick.exe
PRC - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/31 21:46:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/20 13:43:56 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
MOD - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2012/07/25 01:17:28 | 000,035,328 | ---- | M] () -- C:\Programme\CCleaner\Lang\lang-1031.dll
MOD - [2011/08/24 00:59:50 | 000,047,972 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
MOD - [2011/05/10 18:02:20 | 000,076,800 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\libgnurx-0.dll
MOD - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
MOD - [2010/11/04 12:21:28 | 000,635,904 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MFL_U_VC9.DLL
MOD - [2009/06/23 04:42:42 | 000,043,008 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2007/09/05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012/07/14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/10 02:16:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/01/06 19:55:47 | 001,564,368 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2010/11/20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/11/04 12:45:14 | 000,186,368 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe -- (MAGIX StartUp Analyze Service)
SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Nathalie\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2012/07/14 15:59:44 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012/05/31 21:46:51 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/31 21:46:51 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/01/09 18:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/01/09 18:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012/01/09 18:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/09/16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/05/07 17:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/12 12:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 12:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/12 12:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/04/27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/16 06:52:00 | 011,573,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67BB476D-508E-4326-9D3C-23996A4DD1C8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=CF1196C2-17A7-4D06-9DF1-5A15ACC5650A&apn_sauid=B529C341-3D5C-45FF-B05C-E67D9CA7C1FD
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={46A84E6B-EF2C-47B0-AAAE-7600A9C66804}&mid=7e29fc70d08947d0a6e0d15650c557f2-434cef8a0017b20bb8bbba9ac4a3c4db3d1fa958&lang=en&ds=bm013&pr=sa&d=2012-08-04 23:29:43&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{A7AD9E6B-F11E-4C1E-9158-6242F00473DD}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73"
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/23 20:14:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/09/01 13:19:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
 
[2010/04/20 22:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Extensions
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions
[2012/08/23 20:00:21 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012/03/11 04:23:39 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\ffxtlbr@zonealarm.com
[2012/01/10 00:47:40 | 000,000,000 | ---D | M] (SpeedFox) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\jid1-uabu5A9hduqzCw@jetpack
[2012/01/08 14:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\nostmp
[2011/07/29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\askcom.xml
[2010/06/08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\conduit.xml
[2012/09/01 09:51:08 | 000,001,056 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\icqplugin.xml
[2012/08/23 19:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/03/03 21:40:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/01 12:11:21 | 000,773,913 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
[2012/08/23 20:00:22 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/09/01 11:41:25 | 000,221,522 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\GMAILWATCHER@SONTHAKIT.XPI
[2012/07/14 02:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/14 02:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/14 02:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://start.icq.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://start.icq.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: Koji NISHIDA = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\acganlmcjehnfmehkmlimgkaloifodlf\2_0\
CHR - Extension: Entanglement = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: BetterFlirt = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\befplpgnchpaahcgdgmljdklhpoonmnc\1.2.2_0\
CHR - Extension: YouTube = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Fun Switcher = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb\0.0.0.3_0\
CHR - Extension: Pic3D | 3D Converter = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgdldhjodnhddcdfagfdmnemdmijbljj\1.0.1.3_0\
CHR - Extension: Elemente und Physik = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcpedjbhjpalhdjkbchahkcceaikoda\1.2.0_0\
CHR - Extension: Facebook Unseen = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjpoahaombpolfifdahikhbdnjjeifk\1.1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: Little Alchemy = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: Google Mail-Checker = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012/03/22 00:48:53 | 000,441,475 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	123fporn.info
O1 - Hosts: 15172 more lines...
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [PicPick Start] C:\Program Files\PicPick\picpick.exe (NTeWORKS)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73B78241-87FC-45F0-B59F-D40419A5D436}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/08/21 11:50:32 | 000,000,672 | RH-- | M] () - D:\autoexec.bat -- [ FAT32 ]
O32 - Unable to obtain root file information for disk I:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/09/02 00:59:29 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\CrashDumps
[2012/09/01 18:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/09/01 13:20:11 | 000,011,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl2.sys
[2012/09/01 13:20:10 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl1.sys
[2012/09/01 13:20:03 | 000,468,272 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/09/01 13:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\ForceField Shared Files
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/09/01 12:11:04 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\tor
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Vidalia
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Tor
[2012/09/01 11:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD
[2012/09/01 11:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012/09/01 11:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012/09/01 11:37:45 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/09/01 11:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/01 11:27:37 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\NPE
[2012/09/01 03:33:31 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Malwarebytes
[2012/09/01 03:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/01 02:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2012/09/01 02:15:14 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2012/09/01 02:15:12 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\MAGIX_MxTray
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\OnDemandDump
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\CrashLog
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2012/09/01 01:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/08/23 20:15:54 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\DDMSettings
[2012/08/23 20:12:30 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/08/23 20:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/08/23 20:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2012/08/23 19:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/08/23 19:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/08/23 19:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/08/23 19:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/08/04 23:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/08/04 23:28:38 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2012/08/04 23:27:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/08/04 23:26:57 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicPick
[2012/08/04 23:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\PicPick
 
========== Files - Modified Within 30 Days ==========
 
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:07:44 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/09/02 01:07:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/02 01:07:08 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/02 00:56:06 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000UA.job
[2012/09/02 00:32:02 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/01 19:12:12 | 000,000,000 | ---- | M] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:26:09 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/01 13:23:00 | 000,415,877 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 12:14:28 | 000,000,252 | ---- | M] () -- C:\user.js
[2012/09/01 12:12:43 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:52:19 | 006,286,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/09/01 11:52:19 | 001,904,914 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/09/01 11:52:19 | 000,299,952 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/01 11:52:19 | 000,037,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/01 10:36:49 | 000,000,381 | ---- | M] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/01 02:56:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000Core.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | M] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | M] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:30 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/22 00:58:35 | 000,002,471 | ---- | M] () -- C:\Users\Nathalie\Desktop\Google Chrome.lnk
[2012/08/16 19:48:46 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/15 21:20:05 | 000,294,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/11 01:11:41 | 000,333,108 | ---- | M] () -- C:\Users\Nathalie\Documents\Badoo.jpg
 
========== Files Created - No Company Name ==========
 
[2012/09/01 19:12:12 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:20:17 | 000,415,877 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 11:40:33 | 000,000,252 | ---- | C] () -- C:\user.js
[2012/09/01 10:36:49 | 000,000,381 | ---- | C] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/01 02:14:51 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | C] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | C] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:32 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\DriverScanner.job
[2012/08/23 20:12:30 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/11 01:11:41 | 000,333,108 | ---- | C] () -- C:\Users\Nathalie\Documents\Badoo.jpg
[2012/04/12 01:34:01 | 000,011,758 | ---- | C] () -- C:\Users\Nathalie\.recently-used.xbel
[2011/12/30 21:56:14 | 000,000,367 | ---- | C] () -- C:\Users\Nathalie\Heimnetzgruppe - Verknüpfung.lnk
[2011/11/11 21:13:46 | 000,000,058 | -H-- | C] () -- C:\Users\Nathalie\.picasa.ini
[2011/09/16 15:19:30 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{B9E38F41-76A7-48B4-BEC5-EB187A0AF4AD}
[2011/08/10 01:15:13 | 000,000,059 | ---- | C] () -- C:\Users\Nathalie\AppData\Roaming\GoodnightTimer.ini
[2011/06/12 02:55:00 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{D9142E35-3487-4FB1-82E8-B4FFE446A814}
[2011/06/09 20:11:45 | 000,035,298 | -HS- | C] () -- C:\Users\Nathalie\Folder.jpg
[2011/06/09 20:11:45 | 000,008,045 | -HS- | C] () -- C:\Users\Nathalie\AlbumArtSmall.jpg
[2011/06/05 15:25:36 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{E28262CC-8EB1-45CB-8574-02ECBD64B999}
[2011/03/09 22:07:02 | 000,172,032 | ---- | C] () -- C:\Windows\System32\scNKService_s.exe
[2011/03/09 22:06:58 | 000,294,912 | R--- | C] () -- C:\Windows\System32\copydrvUsb.exe
[2010/08/04 23:33:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== LOP Check ==========
 
[2010/08/30 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\.purple
[2011/12/15 20:09:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\AllDup
[2012/09/01 13:19:41 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/03/11 04:23:47 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoft
[2011/04/16 20:38:35 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/03/27 17:52:10 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\foobar2000
[2012/04/12 01:34:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\gtk-2.0
[2012/01/08 18:47:51 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\ICQ
[2012/09/01 02:15:14 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2010/08/25 00:26:22 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Miranda
[2010/06/08 01:05:17 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\OpenOffice.org
[2010/08/08 17:11:18 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Philipp Winterberg
[2010/11/02 06:20:05 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\PhotoScape
[2012/08/04 23:28:38 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2010/08/24 10:09:27 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Samsung
[2011/08/22 15:10:09 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Simfy
[2012/01/04 16:42:26 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Synthesia
[2010/04/21 00:30:11 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\T-Online
[2012/03/23 18:01:13 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\TeamViewer
[2011/08/29 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Total Immersion
[2012/08/23 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2012/08/24 19:21:06 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 02/09/2012 01:10:22 - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Nathalie\Downloads\Scansysteme
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
 
2,99 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,05% Memory free
5,99 Gb Paging File | 4,69 Gb Available in Paging File | 78,33% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 268,79 Gb Total Space | 180,44 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive D: | 29,28 Gb Total Space | 14,59 Gb Free Space | 49,84% Space Free | Partition Type: FAT32
Drive I: | 7,45 Gb Total Space | 7,09 Gb Free Space | 95,16% Space Free | Partition Type: FAT32
 
Computer Name: NATHALIE-PC | User Name: Nathalie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/09/01 18:54:40 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Nathalie\Downloads\Scansysteme\OTL.exe
PRC - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/08/29 15:45:24 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
PRC - [2012/08/09 06:50:03 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/24 20:58:08 | 003,091,296 | ---- | M] (Piriform Ltd) -- C:\Programme\CCleaner\CCleaner.exe
PRC - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012/07/14 15:59:08 | 000,738,984 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ForceField.exe
PRC - [2012/06/18 07:06:34 | 008,878,720 | ---- | M] (NTeWORKS) -- C:\Programme\PicPick\picpick.exe
PRC - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/31 21:46:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/20 13:43:56 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/08/14 02:44:18 | 002,978,318 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
MOD - [2012/07/28 22:35:30 | 006,172,985 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2012/07/25 01:17:28 | 000,035,328 | ---- | M] () -- C:\Programme\CCleaner\Lang\lang-1031.dll
MOD - [2011/08/24 00:59:50 | 000,047,972 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2011/07/29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/05/10 18:02:20 | 000,181,248 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\polipo.exe
MOD - [2011/05/10 18:02:20 | 000,076,800 | ---- | M] () -- C:\Programme\Vidalia Bundle\Polipo\libgnurx-0.dll
MOD - [2010/11/08 18:08:28 | 002,644,248 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
MOD - [2010/11/04 12:21:28 | 000,635,904 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MFL_U_VC9.DLL
MOD - [2009/06/23 04:42:42 | 000,043,008 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
MOD - [2007/09/05 16:42:10 | 000,638,976 | ---- | M] () -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/08/29 16:17:06 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012/07/14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/31 21:46:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/31 21:46:50 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/03/10 02:16:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/01/06 19:55:47 | 001,564,368 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2010/11/20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/11/04 12:45:14 | 000,186,368 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Programme\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe -- (MAGIX StartUp Analyze Service)
SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\Nathalie\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2012/07/14 15:59:44 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012/05/31 21:46:51 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/31 21:46:51 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/01/09 18:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/01/09 18:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012/01/09 18:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/09/16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/05/07 17:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/12 12:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 12:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/05/12 12:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/04/27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/04/27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010/04/27 04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010/04/01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010/03/16 06:52:00 | 011,573,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67BB476D-508E-4326-9D3C-23996A4DD1C8}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=CF1196C2-17A7-4D06-9DF1-5A15ACC5650A&apn_sauid=B529C341-3D5C-45FF-B05C-E67D9CA7C1FD
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={46A84E6B-EF2C-47B0-AAAE-7600A9C66804}&mid=7e29fc70d08947d0a6e0d15650c557f2-434cef8a0017b20bb8bbba9ac4a3c4db3d1fa958&lang=en&ds=bm013&pr=sa&d=2012-08-04 23:29:43&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{A7AD9E6B-F11E-4C1E-9158-6242F00473DD}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.zonealarm.com/?Source=Homepage&oemCode=ZLN114523570322718-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=d63809ec0000000000000025d31d0a73"
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nathalie\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/23 20:14:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/09/01 13:19:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/08/23 19:55:48 | 000,000,000 | ---D | M]
 
[2010/04/20 22:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Extensions
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions
[2012/08/23 20:00:21 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012/03/11 04:23:39 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/09/01 13:19:30 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\ffxtlbr@zonealarm.com
[2012/01/10 00:47:40 | 000,000,000 | ---D | M] (SpeedFox) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\jid1-uabu5A9hduqzCw@jetpack
[2012/01/08 14:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nathalie\AppData\Roaming\mozilla\Firefox\Profiles\dc1z684w.default\extensions\nostmp
[2011/07/29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\askcom.xml
[2010/06/08 11:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\conduit.xml
[2012/09/01 09:51:08 | 000,001,056 | ---- | M] () -- C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\dc1z684w.default\searchplugins\icqplugin.xml
[2012/08/23 19:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/03/03 21:40:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/01 12:11:21 | 000,773,913 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
[2012/08/23 20:00:22 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/09/01 11:41:25 | 000,221,522 | ---- | M] () (No name found) -- C:\USERS\NATHALIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DC1Z684W.DEFAULT\EXTENSIONS\GMAILWATCHER@SONTHAKIT.XPI
[2012/07/14 02:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/14 02:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/14 02:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://start.icq.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://start.icq.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\Nathalie\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: Koji NISHIDA = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\acganlmcjehnfmehkmlimgkaloifodlf\2_0\
CHR - Extension: Entanglement = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: BetterFlirt = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\befplpgnchpaahcgdgmljdklhpoonmnc\1.2.2_0\
CHR - Extension: YouTube = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Fun Switcher = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb\0.0.0.3_0\
CHR - Extension: Pic3D | 3D Converter = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgdldhjodnhddcdfagfdmnemdmijbljj\1.0.1.3_0\
CHR - Extension: Elemente und Physik = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcpedjbhjpalhdjkbchahkcceaikoda\1.2.0_0\
CHR - Extension: Facebook Unseen = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjpoahaombpolfifdahikhbdnjjeifk\1.1.1.3_0\
CHR - Extension: AdBlock = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: Little Alchemy = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: Google Mail-Checker = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012/03/22 00:48:53 | 000,441,475 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	123fporn.info
O1 - Hosts: 15172 more lines...
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [PicPick Start] C:\Program Files\PicPick\picpick.exe (NTeWORKS)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73B78241-87FC-45F0-B59F-D40419A5D436}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/08/21 11:50:32 | 000,000,672 | RH-- | M] () - D:\autoexec.bat -- [ FAT32 ]
O32 - Unable to obtain root file information for disk I:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/09/02 00:59:29 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\CrashDumps
[2012/09/01 18:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/09/01 13:20:11 | 000,011,352 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl2.sys
[2012/09/01 13:20:10 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\kl1.sys
[2012/09/01 13:20:03 | 000,468,272 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/09/01 13:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\ForceField Shared Files
[2012/09/01 13:19:41 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/09/01 12:11:04 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\tor
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Vidalia Bundle
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Vidalia
[2012/09/01 12:10:52 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\Tor
[2012/09/01 11:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\Check Point Software Technologies LTD
[2012/09/01 11:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012/09/01 11:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012/09/01 11:37:45 | 000,014,664 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:35:51 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/09/01 11:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/09/01 11:27:37 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\NPE
[2012/09/01 03:33:31 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Malwarebytes
[2012/09/01 03:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/01 03:33:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/01 02:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2012/09/01 02:15:14 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2012/09/01 02:15:12 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\MAGIX_MxTray
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\OnDemandDump
[2012/09/01 02:14:50 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\Documents\CrashLog
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012/09/01 02:14:37 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2012/09/01 01:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/08/23 20:15:54 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Local\DDMSettings
[2012/08/23 20:12:30 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/08/23 20:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/08/23 20:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2012/08/23 19:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/08/23 19:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/08/23 19:43:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/08/23 19:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/08/04 23:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/08/04 23:28:38 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2012/08/04 23:27:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/08/04 23:26:57 | 000,000,000 | ---D | C] -- C:\Users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicPick
[2012/08/04 23:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\PicPick
 
========== Files - Modified Within 30 Days ==========
 
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:15:16 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 01:07:44 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/09/02 01:07:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/02 01:07:08 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/02 00:56:06 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000UA.job
[2012/09/02 00:32:02 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/01 19:12:12 | 000,000,000 | ---- | M] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:26:09 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/01 13:23:00 | 000,415,877 | ---- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 12:14:28 | 000,000,252 | ---- | M] () -- C:\user.js
[2012/09/01 12:12:43 | 000,014,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012/09/01 11:52:19 | 006,286,832 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/09/01 11:52:19 | 001,904,914 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/09/01 11:52:19 | 000,299,952 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/01 11:52:19 | 000,037,816 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/01 10:36:49 | 000,000,381 | ---- | M] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/01 02:56:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-573435265-2242419648-335125992-1000Core.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | M] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | M] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:30 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/22 00:58:35 | 000,002,471 | ---- | M] () -- C:\Users\Nathalie\Desktop\Google Chrome.lnk
[2012/08/16 19:48:46 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/15 21:20:05 | 000,294,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/11 01:11:41 | 000,333,108 | ---- | M] () -- C:\Users\Nathalie\Documents\Badoo.jpg
 
========== Files Created - No Company Name ==========
 
[2012/09/01 19:12:12 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\defogger_reenable
[2012/09/01 13:20:17 | 000,415,877 | ---- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/01 13:19:50 | 000,000,732 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012/09/01 11:40:33 | 000,000,252 | ---- | C] () -- C:\user.js
[2012/09/01 10:36:49 | 000,000,381 | ---- | C] () -- C:\Users\Nathalie\RECOVER (D) - Verknüpfung.lnk
[2012/09/01 03:33:17 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/01 02:14:51 | 000,000,420 | ---- | C] () -- C:\Windows\tasks\PCCT - MAGIX AG.job
[2012/09/01 02:14:48 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX PC Check & Tuning Free 2011.lnk
[2012/08/25 18:06:00 | 000,001,115 | ---- | C] () -- C:\Users\Nathalie\Dokumente - Verknüpfung.lnk
[2012/08/23 20:14:06 | 000,001,595 | ---- | C] () -- C:\Users\Nathalie\Desktop\DivX Movies.lnk
[2012/08/23 20:13:55 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/08/23 20:12:32 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\DriverScanner.job
[2012/08/23 20:12:30 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2012/08/23 19:55:37 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/08/23 19:43:06 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/23 19:43:06 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/11 01:11:41 | 000,333,108 | ---- | C] () -- C:\Users\Nathalie\Documents\Badoo.jpg
[2012/04/12 01:34:01 | 000,011,758 | ---- | C] () -- C:\Users\Nathalie\.recently-used.xbel
[2011/12/30 21:56:14 | 000,000,367 | ---- | C] () -- C:\Users\Nathalie\Heimnetzgruppe - Verknüpfung.lnk
[2011/11/11 21:13:46 | 000,000,058 | -H-- | C] () -- C:\Users\Nathalie\.picasa.ini
[2011/09/16 15:19:30 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{B9E38F41-76A7-48B4-BEC5-EB187A0AF4AD}
[2011/08/10 01:15:13 | 000,000,059 | ---- | C] () -- C:\Users\Nathalie\AppData\Roaming\GoodnightTimer.ini
[2011/06/12 02:55:00 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{D9142E35-3487-4FB1-82E8-B4FFE446A814}
[2011/06/09 20:11:45 | 000,035,298 | -HS- | C] () -- C:\Users\Nathalie\Folder.jpg
[2011/06/09 20:11:45 | 000,008,045 | -HS- | C] () -- C:\Users\Nathalie\AlbumArtSmall.jpg
[2011/06/05 15:25:36 | 000,000,000 | ---- | C] () -- C:\Users\Nathalie\AppData\Local\{E28262CC-8EB1-45CB-8574-02ECBD64B999}
[2011/03/09 22:07:02 | 000,172,032 | ---- | C] () -- C:\Windows\System32\scNKService_s.exe
[2011/03/09 22:06:58 | 000,294,912 | R--- | C] () -- C:\Windows\System32\copydrvUsb.exe
[2010/08/04 23:33:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== LOP Check ==========
 
[2010/08/30 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\.purple
[2011/12/15 20:09:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\AllDup
[2012/09/01 13:19:41 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\CheckPoint
[2012/03/11 04:23:47 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoft
[2011/04/16 20:38:35 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/03/27 17:52:10 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\foobar2000
[2012/04/12 01:34:01 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\gtk-2.0
[2012/01/08 18:47:51 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\ICQ
[2012/09/01 02:15:14 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\MAGIX
[2010/08/25 00:26:22 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Miranda
[2010/06/08 01:05:17 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\OpenOffice.org
[2010/08/08 17:11:18 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Philipp Winterberg
[2010/11/02 06:20:05 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\PhotoScape
[2012/08/04 23:28:38 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\picpick
[2010/08/24 10:09:27 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Samsung
[2011/08/22 15:10:09 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Simfy
[2012/01/04 16:42:26 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Synthesia
[2010/04/21 00:30:11 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\T-Online
[2012/03/23 18:01:13 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\TeamViewer
[2011/08/29 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Total Immersion
[2012/08/23 20:12:30 | 000,000,000 | ---D | M] -- C:\Users\Nathalie\AppData\Roaming\Uniblue
[2012/09/02 01:07:34 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/09/02 01:07:34 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\PCCT - MAGIX AG.job
[2012/08/24 19:21:06 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 02/09/2012 01:10:22 - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Nathalie\Downloads\Scansysteme
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
 
2,99 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 61,05% Memory free
5,99 Gb Paging File | 4,69 Gb Available in Paging File | 78,33% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 268,79 Gb Total Space | 180,44 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive D: | 29,28 Gb Total Space | 14,59 Gb Free Space | 49,84% Space Free | Partition Type: FAT32
Drive I: | 7,45 Gb Total Space | 7,09 Gb Free Space | 95,16% Space Free | Partition Type: FAT32
 
Computer Name: NATHALIE-PC | User Name: Nathalie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- C:\program files\common files\marmiko shared\browser\Browser.exe "%1" (Deutsche Telekom AG, T-Com)
htmlfile [opennew] -- C:\program files\common files\marmiko shared\browser\Browser.exe "%1" (Deutsche Telekom AG, T-Com)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019A14BE-689C-4B30-A8DC-5151749A801F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{01BAC722-B7DF-42BC-8D94-E80CCC63AE98}" = lport=137 | protocol=17 | dir=in | app=system | 
"{060DEB3A-2B0C-4215-8AC4-194C40620412}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{11B27273-A129-4D3F-A22C-6FA4E7605590}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{23C3A486-459C-4843-B22C-E8DDD0087ADE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{43DFAC69-23BF-41AF-99D9-19A809A5EDBB}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{47A1BD86-4C46-42C3-B57E-482456F571EC}" = lport=139 | protocol=6 | dir=in | app=system | 
"{4B29833C-5B49-48E2-ABBA-2A32FFA36D3C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{53D43CF0-0451-460D-8EBC-126249920CFC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{6A28D9D3-C33B-4973-8E4F-7B0203CEA7E7}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6EF25CA2-45D3-4353-9C41-5C6DB2CFE243}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7852E25C-69CB-4F18-BA9F-095244399C67}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{7DDB1865-1273-4585-B9AD-B3C85C2DAF4A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8A7C334C-B50D-4456-B238-57AB5DD494B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{9019A80E-FF26-463A-977B-70AFE12F0B31}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{975EACE6-CB40-49EA-B64E-2DC38378ADF0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9826FD51-C6D1-4455-AC58-4330CF1FFE2D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A3DD26BA-F725-4C58-A299-46F0930939BA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A709DF06-E5C6-4082-A684-C27BD4ED8E9B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A8698622-6DD0-49D9-9F3B-F87395D53EA0}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BF8C4214-38B1-40B7-9219-24440187111F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C88938B0-5701-4829-AE8A-C5DA2A653A32}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CB4F8383-8BA1-4E09-82D8-8F5961C3C074}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F283FAB9-58E5-404C-9567-9471D03C4A79}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F2E36101-69FF-4715-86AD-51B7D126AA5E}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08258A48-D424-4780-9861-C51F1880DAF3}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe | 
"{0976E813-99D9-4A29-87AA-D99F8350F5C4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{24BDDAA2-8374-42D0-A722-C99179EAC86D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2D1CDE1B-2239-4D2E-B39F-B9CB10A7D341}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{2EBC1A1E-9E34-4D9C-9345-5142279CCCBA}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{3E045342-2D64-4A3B-98A0-BFA083756C9E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{461B5E51-D09C-4ACA-AAEE-3FCEE77462F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B0EFAAA-0B27-420C-A1F3-E019A472DCCD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4F63DFFA-64B2-4779-B89E-E1A1C7FD5C6A}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{4FC61DF5-224D-4104-9D1E-6DC7BD6D44C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{55EDBD21-CDF0-4F49-B292-66309369D81A}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{5B41B6B9-831F-4C6D-A64D-D9871F10DC43}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe | 
"{605CBBEB-8841-496F-ACA1-B110ED17AD86}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6733EE6F-74A3-423F-9E23-66D6B7D64F08}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{67B4390E-6402-46F7-B955-BC9EEF21BEAE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6A19AD73-1712-471B-8A1F-16171486FBF0}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe | 
"{710AA423-3F4A-4374-BF53-E5B4961A13E4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{76513CE0-6428-4DCB-AEFA-5375E068995D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{7D4D48DA-6E73-4D7B-8074-EFDD636440FC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{7FF6B825-8342-46BD-92C8-907B8B340114}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe | 
"{8474EB81-B8FE-4DB2-AC09-5FD7F66976A7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{85ADC8B9-39B6-4309-9E6E-F03EE1FADE18}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe | 
"{85FA6735-080E-486A-987A-44CEB3D520AE}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{8B1E1A1B-83DA-4A0F-A100-20A91A5073CC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9067D110-1734-451B-9294-535A9117C4C7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9B1D3506-C950-487A-8E07-1B6FF1EAA045}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7E604AA-BCF6-47C8-B361-2A49A1372622}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C305C97B-1565-4BF5-AD72-59ADB4DA0F3D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C385BE3A-9F0D-4596-A404-9B22D0BBCBD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CC41233E-4A2B-4A1E-B962-0ABA7EEDB25A}" = protocol=6 | dir=out | app=system | 
"{DB037385-82CE-4433-AFBC-15AB9AD28312}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe | 
"{E829674F-A126-4838-A147-6C1B4A4FC35F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"TCP Query User{67D382DA-26D4-41AF-9832-21CF22D44481}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{70379AE5-587F-4B9E-807A-DB391E0F6CD1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{7BE9A419-3EAA-4E03-8842-81492A26EC38}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe | 
"TCP Query User{829D7BCE-C40D-44DB-9AB8-079BAC27E3F3}C:\users\nathalie\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\nathalie\appdata\local\google\chrome\application\chrome.exe | 
"UDP Query User{60571AA5-65C6-495D-9F57-9785206F6EBD}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{60A947DA-47B3-4678-8A43-15E6ECEBC204}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe | 
"UDP Query User{7656CD61-D59B-4F4D-994D-94A62253EF75}C:\users\nathalie\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\nathalie\appdata\local\google\chrome\application\chrome.exe | 
"UDP Query User{C3843EC9-B29F-470D-8949-5C5E96121913}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{3055CB72-68BC-4D81-9561-5F33AEC1EC12}" = MAGIX PC Check & Tuning Free 2011
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B63DFA23-5C10-44B4-881D-45EFBF4A4761}" = MAGIX Screenshare
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BDD39AD8-707B-4CC3-A4CB-A1F53129FF12}" = ZoneAlarm Antivirus
"{BE536F6C-9079-4BA6-9EAA-891F501CDFC7}" = ZoneAlarm Firewall
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9690E2A-EF1E-46C8-B330-677BDA62CC6B}" = ZoneAlarm Security
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AllDup_is1" = AllDup 3.3.14
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"DivX Setup" = DivX-Setup
"ESET Online Scanner" = ESET Online Scanner v3
"foobar2000" = foobar2000 v1.1.1
"Free RAR Extract Frog" = Free RAR Extract Frog
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"Guard.Mail.ru" = Guard.ICQ
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"MAGIX_MSI_PC_Check_Tuning_Free_2011" = MAGIX PC Check & Tuning Free 2011
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PicPick" = PicPick
"Polipo" = Polipo 1.0.4.1
"Security Task Manager" = Security Task Manager 1.8d
"Tor" = Tor 0.2.2.38
"Uninstall_is1" = Uninstall 1.0.0.1
"Vidalia" = Vidalia 0.2.20
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar 
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31/08/2012 16:33:45 | Computer Name = Nathalie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 17488
 
Error - 31/08/2012 18:47:58 | Computer Name = Nathalie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 31/08/2012 19:55:48 | Computer Name = Nathalie-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 31/08/2012 20:45:05 | Computer Name = Nathalie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 01/09/2012 03:30:36 | Computer Name = Nathalie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 01/09/2012 05:52:19 | Computer Name = Nathalie-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 01/09/2012 13:02:48 | Computer Name = Nathalie-PC | Source = Application Hang | ID = 1002
Description = Programm q5eljzht.exe, Version 1.0.15.15641 kann nicht mehr unter 
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
 der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem 
zu suchen.    Prozess-ID: 2d4    Startzeit: 01cd88638196ca6d    Endzeit: 19    Anwendungspfad: C:\Users\Nathalie\Downloads\q5eljzht.exe

Berichts-ID:
 d4428e80-f456-11e1-a0f8-001f1621be01  
 
Error - 01/09/2012 18:59:25 | Computer Name = Nathalie-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: q5eljzht.exe, Version: 1.0.15.15641,
 Zeitstempel: 0x4e21f2b1  Name des fehlerhaften Moduls: q5eljzht.exe, Version: 1.0.15.15641,
 Zeitstempel: 0x4e21f2b1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000c676  ID des fehlerhaften
 Prozesses: 0x7d0  Startzeit der fehlerhaften Anwendung: 0x01cd8895164a00a4  Pfad der
 fehlerhaften Anwendung: C:\Users\Nathalie\Downloads\q5eljzht.exe  Pfad des fehlerhaften
 Moduls: C:\Users\Nathalie\Downloads\q5eljzht.exe  Berichtskennung: ac89aa17-f488-11e1-95b8-001f1621be01
 
Error - 01/09/2012 18:59:52 | Computer Name = Nathalie-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.59.1 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: be8    Startzeit: 
01cd8893de789ad0    Endzeit: 0    Anwendungspfad: C:\Users\Nathalie\Downloads\OTL.exe    Berichts-ID:
 b7a3fc30-f488-11e1-95b8-001f1621be01  
 
Error - 01/09/2012 19:05:05 | Computer Name = Nathalie-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: q5eljzht.exe, Version: 1.0.15.15641,
 Zeitstempel: 0x4e21f2b1  Name des fehlerhaften Moduls: q5eljzht.exe, Version: 1.0.15.15641,
 Zeitstempel: 0x4e21f2b1  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000c676  ID des fehlerhaften
 Prozesses: 0x13e0  Startzeit der fehlerhaften Anwendung: 0x01cd8895e21e9494  Pfad der
 fehlerhaften Anwendung: C:\Users\Nathalie\Downloads\Scansysteme\q5eljzht.exe  Pfad
 des fehlerhaften Moduls: C:\Users\Nathalie\Downloads\Scansysteme\q5eljzht.exe  Berichtskennung:
 773f0a81-f489-11e1-95b8-001f1621be01
 
[ Media Center Events ]
Error - 23/09/2010 16:50:28 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 22:50:28 - Fehler beim Herstellen der Internetverbindung.  22:50:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 23/09/2010 17:54:28 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 23:54:28 - Fehler beim Herstellen der Internetverbindung.  23:54:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 23/09/2010 19:34:19 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 01:34:19 - Fehler beim Herstellen der Internetverbindung.  01:34:19 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 25/09/2010 02:09:29 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 08:09:29 - Fehler beim Herstellen der Internetverbindung.  08:09:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10/12/2010 22:45:48 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 03:45:46 - Fehler beim Herstellen der Internetverbindung.  03:45:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10/12/2010 22:47:53 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 03:46:19 - Fehler beim Herstellen der Internetverbindung.  03:46:19 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12/12/2010 04:35:07 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 09:35:07 - Fehler beim Herstellen der Internetverbindung.  09:35:07 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 12/12/2010 04:35:22 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 09:35:13 - Fehler beim Herstellen der Internetverbindung.  09:35:13 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 23/12/2010 19:56:16 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 00:56:15 - Fehler beim Herstellen der Internetverbindung.  00:56:15 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 23/12/2010 19:56:52 | Computer Name = Nathalie-PC | Source = MCUpdate | ID = 0
Description = 00:56:45 - Fehler beim Herstellen der Internetverbindung.  00:56:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 01/09/2012 12:28:59 | Computer Name = Nathalie-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.
 
Error - 01/09/2012 16:41:45 | Computer Name = Nathalie-PC | Source = cdrom | ID = 262159
Description = Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
 
Error - 01/09/2012 16:41:45 | Computer Name = Nathalie-PC | Source = cdrom | ID = 262159
Description = Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
 
Error - 01/09/2012 16:41:45 | Computer Name = Nathalie-PC | Source = cdrom | ID = 262159
Description = Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
 
Error - 01/09/2012 16:41:45 | Computer Name = Nathalie-PC | Source = cdrom | ID = 262159
Description = Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
 
Error - 01/09/2012 16:41:45 | Computer Name = Nathalie-PC | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort1 gefunden.
 
Error - 01/09/2012 16:41:45 | Computer Name = Nathalie-PC | Source = cdrom | ID = 262159
Description = Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
 
Error - 01/09/2012 19:07:15 | Computer Name = Nathalie-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?09.?2012 um 01:05:56 unerwartet heruntergefahren.
 
Error - 01/09/2012 19:07:19 | Computer Name = Nathalie-PC | Source = BugCheck | ID = 1001
Description = 
 
Error - 01/09/2012 19:08:08 | Computer Name = Nathalie-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
 
< End of report >
         

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Außerdem fehlt das ESET-Log auch wenn nichts gefunden wurde soll es gepostet werden