
Log analysis and evaluation: OTL logfile evaluation needed

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

07.02.2014, 14:04   #1
minimall
 

OTL logfile evaluation needed



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 07.02.2014 13:05:36 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mala Mi\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,97 Gb Total Physical Memory | 11,12 Gb Available Physical Memory | 69,66% Memory free
31,93 Gb Paging File | 27,09 Gb Available in Paging File | 84,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 1005,41 Gb Free Space | 71,96% Space Free | Partition Type: NTFS
Drive D: | 177,31 Gb Total Space | 133,18 Gb Free Space | 75,11% Space Free | Partition Type: NTFS
 
Computer Name: MONI-PC | User Name: Mala Mi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FF49C0F-58C1-467E-8E24-3135939156F2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{6EDC8652-73AF-4A23-9252-21A243BB8A45}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{8E8E90D9-03FF-4577-A2F5-D3234377BD7C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{94B52559-7F3E-4CF6-9969-BF983AF69FA9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{FC770E0B-08A2-47FA-B438-F122B4B4CB24}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"TCP Query User{9DA93815-9DE8-4F8A-9337-DCD50E44580F}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{EF54007D-DB9B-491D-865C-35712943D338}C:\users\mala mi\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mala mi\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{456F3A5D-D301-4C3C-A7C2-13DDA2D9D603}C:\users\mala mi\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mala mi\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{513AB29A-BEE1-413A-BB11-A3414687FBC3}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"CCleaner" = CCleaner
"sp6" = Logitech SetPoint 6.61
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{43430FA1-12BB-4D88-862E-4F1000008400}" = Resident Evil: Operation Raccoon City
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{765BF404-2FEE-492B-9E7F-A55143796EF1}" = Geheimakte 3
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{875FD277-1D33-4321-BDD8-5D776DE81117}" = Windows Internet Explorer 10
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.6
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.5
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9781A96F-71AC-4738-984B-5AB597DFE678}" = WER WIRD MILLIONÄR VIERTE EDITION
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Deutsch
"{AF6ECA04-F2CC-11D3-9D68-0020781864F1}" = International CueClub
"{B28DBCBA-60F8-40ED-B35B-F510C327946C}" = OpenOffice 4.0.0
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"33B31D6D-7EFB-45A3-AC50-4DAF98042443_is1" = The Book Of Unwritten Tales: Die Vieh Chroniken Version 1.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AudibleManager" = AudibleManager
"AudioCS" = Creative Audio-Systemsteuerung
"Avira AntiVir Desktop" = Avira Free Antivirus
"Black Mirror III_is1" = Black Mirror III
"Broken Sword 2.5_is1" = Broken Sword 2.5
"Chronicles of Mystery/DE-German_is1" = Das Vermächtnis: Testament of Sin
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"CUE_CLUB" = CUE CLUB
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deponia" = Deponia
"ffdshow_is1" = ffdshow v1.2.4475 [2012-07-12]
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.11.812
"Freemake Video Converter_is1" = Freemake Video Converter wersja 4.0.3
"Galileo Family Quiz - Spezial II" = Galileo Family Quiz - Spezial II
"HaaliMkx" = Haali Media Splitter
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Luxor 5th Passage" = Luxor 5th Passage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Mozilla Firefox 26.0 (x86 de)" = Mozilla Firefox 26.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 19.0.1326.59" = Opera Stable 19.0.1326.59
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"Picasa 3" = Picasa 3
"Saw" = Saw Game
"SDR2" = Schlag den Raab - Das 2. Spiel
"SDR3" = Schlag den Raab - Das 3. Spiel
"Security Task Manager" = Security Task Manager 1.8g
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"TeamViewer 8" = TeamViewer 8
"TrueCrypt" = TrueCrypt
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft
"VLC media player" = VLC media player 2.1.1
"WinLiveSuite" = Windows Live Essentials
"xp-AntiSpy" = xp-AntiSpy 3.98-2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.08.2013 15:19:27 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.08.2013 10:25:38 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.08.2013 07:43:19 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 25.08.2013 08:39:13 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.08.2013 07:14:21 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.08.2013 04:06:48 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.08.2013 10:04:14 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.08.2013 09:00:55 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.08.2013 13:44:40 | Computer Name = Moni-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18103,
 Zeitstempel: 0x512d9f39  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000005055a
ID
 des fehlerhaften Prozesses: 0x6dc  Startzeit der fehlerhaften Anwendung: 0x01cea4b989e1dfd9
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\SHELL32.dll  Berichtskennung: adabbb4b-10d2-11e3-95d5-5404a6efb57a
 
Error - 30.08.2013 02:32:25 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 05.02.2014 08:43:14 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 05.02.2014 19:27:11 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 06.02.2014 03:50:00 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 06.02.2014 04:27:22 | Computer Name = Moni-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description = 
 
Error - 06.02.2014 04:28:05 | Computer Name = Moni-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.
 
Error - 06.02.2014 04:28:29 | Computer Name = Moni-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description = 
 
Error - 06.02.2014 04:29:05 | Computer Name = Moni-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy7" den Befehl "chkdsk" aus.
 
Error - 07.02.2014 03:31:44 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 07.02.2014 03:33:17 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Spybot-S&D 2 Scanner Service erreicht.
 
Error - 07.02.2014 03:33:17 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
 
< End of report >
         


OTL Logfile:
Code:
OTL logfile created on: 07.02.2014 13:05:36 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mala Mi\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,97 Gb Total Physical Memory | 11,12 Gb Available Physical Memory | 69,66% Memory free
31,93 Gb Paging File | 27,09 Gb Available in Paging File | 84,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 1005,41 Gb Free Space | 71,96% Space Free | Partition Type: NTFS
Drive D: | 177,31 Gb Total Space | 133,18 Gb Free Space | 75,11% Space Free | Partition Type: NTFS
 
Computer Name: MONI-PC | User Name: Mala Mi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\TuneUp Utilities 2013\Integrator.exe (TuneUp Software)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\TuneUp Utilities 2013\libcef.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (esgiguard) -- C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\esgiguard.sys File not found
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\LVUVC64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (MEMSWEEP2) -- C:\Windows\SysNative\650E.tmp (Sophos Plc)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = hxxp://www.google.com/search?q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=7e7272e0-5843-45b7-a463-8e1f0d20c653&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = hxxp://www.google.com/search?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = about:blank [binary data]
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 23 A4 E5 F5 5C CD 01  [binary data]
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes,DefaultScope = {35436CE0-E4FC-49F0-95C5-F39E66DFACE8}
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{2B883C7E-1F59-4886-9679-257EF88BF625}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{35436CE0-E4FC-49F0-95C5-F39E66DFACE8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{68AFAB6F-DABF-40F1-91BF-251E8A12F8A1}: "URL" = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{9C3B3989-561F-47C3-9A31-EC00EF307A05}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://fvd.speeddial/content/fvd_about_blank.html"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.5
FF - prefs.js..extensions.enabledAddons: openlinkintab%40piro.sakura.ne.jp:0.1.2013100801
FF - prefs.js..extensions.enabledAddons: YouTubeAutoReplay%40arikv.com:2.88
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.4.5
FF - prefs.js..extensions.enabledAddons: %7B62760FD6-B943-48C9-AB09-F99C6FE96088%7D:3.0.2.0
FF - prefs.js..extensions.enabledAddons: tiletabs%40DW-dev:11.0
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.96
FF - prefs.js..extensions.enabledAddons: pavel.sherbakov%40gmail.com:4.6.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDAPP\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\Binaries\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mala Mi\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mala Mi\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.08.16 12:26:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013.08.16 11:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.08.18 20:22:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2013.03.24 20:19:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Extensions
[2014.02.03 13:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions
[2014.01.23 13:09:14 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013.08.27 12:25:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.01.23 13:09:22 | 000,000,000 | ---D | M] ("Flash Video Downloader") -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\artur.dubovoy@gmail.com
[2014.01.12 18:14:04 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\https-everywhere@eff.org
[2013.12.11 19:39:07 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\ich@maltegoetz.de
[2014.01.31 16:43:53 | 000,000,000 | ---D | M] ("FVD Speed Dial with Full Online Sync") -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\pavel.sherbakov@gmail.com
[2013.10.20 21:09:24 | 000,103,613 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\openlinkintab@piro.sakura.ne.jp.xpi
[2014.01.31 14:46:42 | 000,129,516 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\tiletabs@DW-dev.xpi
[2012.10.26 19:03:29 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\translator@zoli.bod.xpi
[2013.10.12 22:25:43 | 000,001,552 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\unseen@tangrs.xpi
[2013.11.18 11:35:04 | 000,015,095 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\YouTubeAutoReplay@arikv.com.xpi
[2014.01.31 16:43:51 | 000,384,324 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2014.01.23 13:09:47 | 000,931,920 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi
[2014.01.24 13:09:07 | 000,536,213 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.01.01 15:41:34 | 000,152,142 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2014.01.23 13:09:13 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.05 22:15:39 | 000,001,504 | ---- | M] () -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\searchplugins\imdb.xml
[2012.07.10 21:32:23 | 000,004,140 | ---- | M] () -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\searchplugins\youtube.xml
[2013.09.13 03:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.01.01 15:52:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013.07.20 08:20:50 | 000,003,036 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1	 secure.tuneup.com
O1 - Hosts: 127.0.0.1	 secure.tune-up.com
O1 - Hosts: 127.0.0.1	 activate.adobe.com
O1 - Hosts: 127.0.0.1	 practivate.adobe.com
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 46 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD735716-763A-444D-A777-88DF67FB2AE2}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe air application installer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe audition.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe extension manager cs5.5.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe extension manager cs6.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\afterfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\devicecentral.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\extendscript toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\illustrator.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pdapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pixel bender toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\switchboard.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe air application installer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe audition.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe extension manager cs5.5.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe extension manager cs6.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\afterfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\devicecentral.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\extendscript toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\illustrator.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pdapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pixel bender toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\switchboard.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.07.20 10:08:05 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{602b05cf-a233-11e2-aafa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{602b05cf-a233-11e2-aafa-806e6f6e6963}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.ultimatebootcd.com/
O34 - HKLM BootExecute: (VLw⁶ᴆ‰耀	><_⁹ᴆ‰耀
wDX⁸ᴆ‰耀bTq⁻ᴆ‰耀A..⁺ᴆ‰耀
and⁽ᴆ‰耀Lqy⁼ᴆ‰耀Ru3ⁿᴆ‰耀nuB⁾ᴆ‰耀N3X₁ᴆ‰耀JOY₀ᴆ‰耀M."₃ᴆ‰耀="_₂ᴆ‰耀UuQ₅ᴆ‰耀kHS₄ᴆ‰耀2Ke₇ᴆ‰耀-Lm₆ᴆ‰耀5yB₉ᴆ‰耀jYh₈ᴆ‰耀wCF₋ᴆ‰耀tjy₊ᴆ‰耀ren₍ᴆ‰耀"_G₌ᴆ‰耀JD3₏ᴆ‰耀 PCo₎ᴆ‰耀!.."ₑᴆ‰耀"helₐᴆ‰耀#qyDₓᴆ‰耀$0vkₒᴆ‰耀%4SGₕᴆ‰耀& waₔᴆ‰耀'untₗᴆ‰耀(_7Jₖᴆ‰耀)jEQₙᴆ‰耀*wNGₘᴆ‰耀+/><ₛᴆ‰耀,_XVₚᴆ‰耀-VyG₝ᴆ‰耀.hQ.ₜᴆ‰耀/t="₟ᴆ‰耀0oSL₞ᴆ‰耀1X98₡ᴆ‰耀2UQ.₠ᴆ‰耀3<_5₣ᴆ‰耀4V_b₢ᴆ‰耀5Gql₥ᴆ‰耀6.. ₤ᴆ‰耀7="_₧ᴆ‰耀8j_r₦ᴆ‰耀98im₩ᴆ‰耀:w..₨ᴆ‰耀;_hF₫ᴆ‰耀<vkz₪ᴆ‰耀=5bc₭ᴆ‰耀￿. condition꿑༝㽤ࠂᖴ,)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.02.07 11:48:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mala Mi\Desktop\OTL.exe
[2014.02.07 10:06:10 | 000,000,000 | ---D | C] -- C:\Users\Mala Mi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
[2014.02.07 09:58:58 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.02.07 09:58:52 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.02.07 09:58:52 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.02.07 09:58:52 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.02.07 09:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.01.31 18:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014.01.31 14:52:09 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014.01.23 13:31:11 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014.01.23 13:31:11 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014.01.23 13:31:09 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014.01.23 13:30:10 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.01.23 13:30:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.01.23 13:30:05 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.01.23 13:30:05 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.05.27 05:29:06 | 001,178,624 | ---- | C] (CPUID) -- C:\Users\Mala Mi\AppData\Roaming\siw_sdk.dll
[23 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.02.07 13:07:02 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.07 12:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.02.07 11:48:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mala Mi\Desktop\OTL.exe
[2014.02.07 11:07:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.07 10:55:07 | 000,007,636 | ---- | M] () -- C:\Users\Mala Mi\AppData\Local\Resmon.ResmonCfg
[2014.02.07 10:20:24 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.07 10:20:24 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.07 10:11:09 | 009,877,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.07 10:11:09 | 000,737,390 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2014.02.07 10:11:09 | 000,732,292 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014.02.07 10:11:09 | 000,731,980 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014.02.07 10:11:09 | 000,716,534 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2014.02.07 10:11:09 | 000,699,432 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.02.07 10:11:09 | 000,682,558 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014.02.07 10:11:09 | 000,675,688 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2014.02.07 10:11:09 | 000,660,774 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.07 10:11:09 | 000,654,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.07 10:11:09 | 000,648,616 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2014.02.07 10:11:09 | 000,501,348 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2014.02.07 10:11:09 | 000,470,948 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2014.02.07 10:11:09 | 000,420,358 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2014.02.07 10:11:09 | 000,171,272 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2014.02.07 10:11:09 | 000,158,472 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2014.02.07 10:11:09 | 000,155,870 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014.02.07 10:11:09 | 000,150,840 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2014.02.07 10:11:09 | 000,149,572 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.02.07 10:11:09 | 000,146,844 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014.02.07 10:11:09 | 000,141,424 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.07 10:11:09 | 000,139,998 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2014.02.07 10:11:09 | 000,130,230 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014.02.07 10:11:09 | 000,122,142 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.07 10:11:09 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2014.02.07 10:11:09 | 000,098,656 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2014.02.07 10:11:09 | 000,094,770 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2014.02.07 10:10:59 | 009,877,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.07 10:07:16 | 001,178,624 | ---- | M] (CPUID) -- C:\Users\Mala Mi\AppData\Roaming\siw_sdk.dll
[2014.02.07 09:58:49 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.02.07 09:58:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.02.07 09:58:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.02.07 09:58:49 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.02.07 09:49:11 | 000,028,520 | ---- | M] () -- C:\Users\Mala Mi\Desktop\alc.PNG
[2014.02.07 09:34:50 | 000,027,658 | ---- | M] () -- C:\Users\Mala Mi\Desktop\procesy.PNG
[2014.02.07 08:31:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.05 16:18:05 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.05 16:18:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.01.28 09:35:58 | 000,035,640 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2014.01.28 09:35:50 | 000,038,200 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2014.01.28 09:35:50 | 000,030,520 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2014.01.28 09:35:50 | 000,026,936 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2014.01.28 09:35:50 | 000,022,328 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2014.01.23 23:25:39 | 004,914,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.23 14:25:02 | 000,068,799 | ---- | M] () -- C:\Users\Mala Mi\Desktop\7537_772270226136225_959847539_n.jpg
[2014.01.23 14:21:00 | 000,042,957 | ---- | M] () -- C:\Users\Mala Mi\Desktop\148614_772321072797807_213943924_n.jpg
[2014.01.23 14:20:06 | 000,061,226 | ---- | M] () -- C:\Users\Mala Mi\Desktop\1555315_451950561594498_199197272_n.jpg
[2014.01.23 14:20:00 | 000,032,839 | ---- | M] () -- C:\Users\Mala Mi\Desktop\558256_767068439989190_711166395_n.jpg
[23 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.02.07 09:49:11 | 000,028,520 | ---- | C] () -- C:\Users\Mala Mi\Desktop\alc.PNG
[2014.02.07 09:34:50 | 000,027,658 | ---- | C] () -- C:\Users\Mala Mi\Desktop\procesy.PNG
[2014.01.23 14:25:02 | 000,068,799 | ---- | C] () -- C:\Users\Mala Mi\Desktop\7537_772270226136225_959847539_n.jpg
[2014.01.23 14:21:00 | 000,042,957 | ---- | C] () -- C:\Users\Mala Mi\Desktop\148614_772321072797807_213943924_n.jpg
[2014.01.23 14:20:06 | 000,061,226 | ---- | C] () -- C:\Users\Mala Mi\Desktop\1555315_451950561594498_199197272_n.jpg
[2014.01.23 14:20:00 | 000,032,839 | ---- | C] () -- C:\Users\Mala Mi\Desktop\558256_767068439989190_711166395_n.jpg
[2013.09.18 14:20:57 | 000,234,224 | ---- | C] () -- C:\ProgramData\1379510315.bdinstall.bin
[2013.08.09 18:08:02 | 000,839,680 | ---- | C] () -- C:\ProgramData\1376065669.bdinstall.bin
[2013.06.14 11:56:01 | 000,426,243 | ---- | C] () -- C:\ProgramData\1371207065.bdinstall.bin
[2013.06.14 11:46:54 | 000,059,010 | ---- | C] () -- C:\ProgramData\1371206791.bdinstall.bin
[2013.06.14 11:45:45 | 000,233,169 | ---- | C] () -- C:\ProgramData\1371206623.bdinstall.bin
[2013.06.14 11:34:42 | 000,515,921 | ---- | C] () -- C:\ProgramData\1371205505.bdinstall.bin
[2013.05.26 19:40:07 | 000,000,680 | RHS- | C] () -- C:\Users\Mala Mi\ntuser.pol
[2013.05.16 14:51:32 | 000,485,233 | ---- | C] () -- C:\ProgramData\1368711765.bdinstall.bin
[2013.05.16 14:48:21 | 000,058,728 | ---- | C] () -- C:\ProgramData\1368712098.bdinstall.bin
[2013.05.16 14:46:48 | 000,058,728 | ---- | C] () -- C:\ProgramData\1368712005.bdinstall.bin
[2013.05.11 21:56:23 | 000,516,264 | ---- | C] () -- C:\ProgramData\1368305217.bdinstall.bin
[2013.05.06 18:09:08 | 000,472,377 | ---- | C] () -- C:\ProgramData\1367859660.bdinstall.bin
[2013.05.05 17:04:55 | 000,059,018 | ---- | C] () -- C:\ProgramData\1367769891.bdinstall.bin
[2013.05.05 15:52:56 | 000,067,754 | ---- | C] () -- C:\ProgramData\1367765573.1232.bin
[2013.05.05 15:52:56 | 000,002,300 | ---- | C] () -- C:\ProgramData\1367765573.196.bin
[2013.05.05 15:52:56 | 000,002,253 | ---- | C] () -- C:\ProgramData\1367765573.1320.bin
[2013.05.05 15:52:53 | 000,078,216 | ---- | C] () -- C:\ProgramData\1367765573.2500.bin
[2013.05.05 15:44:47 | 000,007,813 | ---- | C] () -- C:\ProgramData\1367765082.2292.bin
[2013.05.05 15:44:47 | 000,002,253 | ---- | C] () -- C:\ProgramData\1367765082.2296.bin
[2013.05.05 15:44:47 | 000,001,417 | ---- | C] () -- C:\ProgramData\1367765082.1172.bin
[2013.05.05 15:44:42 | 000,077,856 | ---- | C] () -- C:\ProgramData\1367765082.2692.bin
[2013.05.05 15:41:53 | 000,417,104 | ---- | C] () -- C:\ProgramData\1367760645.bdinstall.bin
[2013.05.05 14:30:45 | 000,075,580 | ---- | C] () -- C:\ProgramData\1367760644.bdinstall.bin
[2013.01.22 12:45:12 | 000,000,132 | ---- | C] () -- C:\Users\Mala Mi\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.12.14 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\mslck.dat
[2012.12.14 19:12:34 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\Mlkf.dll
[2012.12.14 19:08:29 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\fldlckun.exe
[2012.09.21 20:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.09.21 20:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.09.21 20:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.09.20 08:18:35 | 000,567,773 | ---- | C] () -- C:\ProgramData\1348124937.bdinstall.bin
[2012.09.20 08:05:37 | 000,051,289 | ---- | C] () -- C:\ProgramData\1348124726.bdinstall.bin
[2012.09.20 08:05:23 | 000,325,326 | ---- | C] () -- C:\ProgramData\1348124655.bdinstall.bin
[2012.09.20 08:00:43 | 000,206,857 | ---- | C] () -- C:\ProgramData\1348124189.bdinstall.bin
[2012.09.20 07:56:22 | 000,079,590 | ---- | C] () -- C:\ProgramData\1348124145.bdinstall.bin
[2012.09.20 02:58:18 | 000,408,233 | ---- | C] () -- C:\ProgramData\1348105983.bdinstall.bin
[2012.09.19 11:57:40 | 000,000,134 | ---- | C] () -- C:\Windows\rootkitno.ini
[2012.09.17 21:28:34 | 000,573,836 | ---- | C] () -- C:\ProgramData\1347913332.bdinstall.bin
[2012.09.17 21:21:49 | 000,103,394 | ---- | C] () -- C:\ProgramData\1347913224.bdinstall.bin
[2012.09.17 15:11:28 | 000,239,057 | ---- | C] () -- C:\ProgramData\1347890415.bdinstall.bin
[2012.08.11 13:36:30 | 000,003,584 | ---- | C] () -- C:\Users\Mala Mi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.11 13:35:49 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.11 12:36:47 | 009,877,626 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.28 12:09:46 | 000,213,369 | ---- | C] () -- C:\ProgramData\1340881649.bdinstall.bin
[2012.06.19 17:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.06.13 23:27:44 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.06.13 23:27:44 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.05.29 04:07:39 | 000,252,923 | ---- | C] () -- C:\ProgramData\1338260454.bdinstall.bin
[2012.05.09 13:22:17 | 000,351,893 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.08 09:41:21 | 000,007,636 | ---- | C] () -- C:\Users\Mala Mi\AppData\Local\Resmon.ResmonCfg
[2012.04.20 01:03:54 | 000,001,672 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.03.13 22:37:36 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.03.13 22:37:30 | 000,026,961 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.05.15 22:43:51 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Ad-Aware Antivirus
[2013.09.13 08:22:11 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Ashampoo
[2012.09.06 16:35:48 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Broken Sword 2.5
[2013.08.30 11:24:08 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Canneverbe Limited
[2013.08.18 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\DAEMON Tools Lite
[2013.08.16 12:25:57 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\DVDVideoSoft
[2013.08.16 12:26:12 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.07.20 10:44:25 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\eCyber
[2012.04.28 12:49:55 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\ICQ
[2012.04.27 15:06:49 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\ICQ Search
[2012.10.31 08:23:15 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\IObit
[2013.07.20 13:59:38 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\iSafe
[2012.11.24 20:59:34 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Leadertech
[2012.04.22 03:56:46 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\MumboJumbo
[2013.05.27 05:25:02 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Notepad++
[2013.08.18 20:01:10 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\OpenOffice
[2012.04.22 23:12:13 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\OpenOffice.org
[2013.09.12 21:30:30 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Opera
[2013.09.12 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Opera Software
[2012.06.23 21:12:39 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\PACE Anti-Piracy
[2012.04.22 22:24:53 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\PerformerSoft
[2012.12.25 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\ProtectDISC
[2013.08.05 12:01:43 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\QuickScan
[2013.07.16 04:59:40 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Spotify
[2012.06.23 21:14:05 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.09.03 17:56:00 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Systweak
[2012.12.02 15:39:40 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\TeamViewer
[2012.12.14 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\TrueCrypt
[2013.08.18 20:13:14 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\TuneUp Software
[2012.05.09 02:49:55 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Unity
[2013.11.07 11:15:56 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\UseNeXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2013.10.26 21:58:58 | 103,214,166 | ---- | M] ()(C:\Windows\SysWow64\???A) -- C:\Windows\SysWow64\⧸⦇A
[2013.10.26 15:19:07 | 103,214,166 | ---- | C] ()(C:\Windows\SysWow64\???A) -- C:\Windows\SysWow64\⧸⦇A
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1126 bytes -> C:\Users\Mala Mi\AppData\Local\Temp:nsawkMjiN1M9C5BpNYBSm

< End of report >
         
--- --- ---

07.02.2014, 15:10   #2
schrauber
/// the machine
/// TB trainer

Hi,

are there any problems with the computer?

08.02.2014, 01:50   #3
minimall

So: the PC takes a long time to boot, the screen sometimes stays black for several minutes, the Adobe Flash plugin crashes constantly (plugins are up to date), Firefox hangs and takes forever to load some pages, the computer has become much slower and runs noticeably louder, makes strange noises... rattles, etc.

08.02.2014, 17:07   #4
schrauber
/// the machine
/// TB trainer

hi,

Scan with Combofix
WARNING to other READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
