minimall | 07.02.2014 14:04 | OTL logfile analysis needed
OTL EXTRAS logfile:
OTL Logfile: Code:
OTL Extras logfile created on: 07.02.2014 13:05:36 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mala Mi\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,97 Gb Total Physical Memory | 11,12 Gb Available Physical Memory | 69,66% Memory free
31,93 Gb Paging File | 27,09 Gb Available in Paging File | 84,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 1005,41 Gb Free Space | 71,96% Space Free | Partition Type: NTFS
Drive D: | 177,31 Gb Total Space | 133,18 Gb Free Space | 75,11% Space Free | Partition Type: NTFS
Computer Name: MONI-PC | User Name: Mala Mi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FF49C0F-58C1-467E-8E24-3135939156F2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{6EDC8652-73AF-4A23-9252-21A243BB8A45}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{8E8E90D9-03FF-4577-A2F5-D3234377BD7C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{94B52559-7F3E-4CF6-9969-BF983AF69FA9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{FC770E0B-08A2-47FA-B438-F122B4B4CB24}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"TCP Query User{9DA93815-9DE8-4F8A-9337-DCD50E44580F}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{EF54007D-DB9B-491D-865C-35712943D338}C:\users\mala mi\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mala mi\appdata\roaming\spotify\spotify.exe |
"UDP Query User{456F3A5D-D301-4C3C-A7C2-13DDA2D9D603}C:\users\mala mi\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mala mi\appdata\roaming\spotify\spotify.exe |
"UDP Query User{513AB29A-BEE1-413A-BB11-A3414687FBC3}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"CCleaner" = CCleaner
"sp6" = Logitech SetPoint 6.61
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{43430FA1-12BB-4D88-862E-4F1000008400}" = Resident Evil: Operation Raccoon City
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{765BF404-2FEE-492B-9E7F-A55143796EF1}" = Geheimakte 3
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{875FD277-1D33-4321-BDD8-5D776DE81117}" = Windows Internet Explorer 10
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.6
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.5
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9781A96F-71AC-4738-984B-5AB597DFE678}" = WER WIRD MILLIONÄR VIERTE EDITION
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Deutsch
"{AF6ECA04-F2CC-11D3-9D68-0020781864F1}" = International CueClub
"{B28DBCBA-60F8-40ED-B35B-F510C327946C}" = OpenOffice 4.0.0
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"33B31D6D-7EFB-45A3-AC50-4DAF98042443_is1" = The Book Of Unwritten Tales: Die Vieh Chroniken Version 1.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AudibleManager" = AudibleManager
"AudioCS" = Creative Audio-Systemsteuerung
"Avira AntiVir Desktop" = Avira Free Antivirus
"Black Mirror III_is1" = Black Mirror III
"Broken Sword 2.5_is1" = Broken Sword 2.5
"Chronicles of Mystery/DE-German_is1" = Das Vermächtnis: Testament of Sin
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"CUE_CLUB" = CUE CLUB
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deponia" = Deponia
"ffdshow_is1" = ffdshow v1.2.4475 [2012-07-12]
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.11.812
"Freemake Video Converter_is1" = Freemake Video Converter wersja 4.0.3
"Galileo Family Quiz - Spezial II" = Galileo Family Quiz - Spezial II
"HaaliMkx" = Haali Media Splitter
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Luxor 5th Passage" = Luxor 5th Passage
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Mozilla Firefox 26.0 (x86 de)" = Mozilla Firefox 26.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 19.0.1326.59" = Opera Stable 19.0.1326.59
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"Picasa 3" = Picasa 3
"Saw" = Saw Game
"SDR2" = Schlag den Raab - Das 2. Spiel
"SDR3" = Schlag den Raab - Das 3. Spiel
"Security Task Manager" = Security Task Manager 1.8g
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"TeamViewer 8" = TeamViewer 8
"TrueCrypt" = TrueCrypt
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft
"VLC media player" = VLC media player 2.1.1
"WinLiveSuite" = Windows Live Essentials
"xp-AntiSpy" = xp-AntiSpy 3.98-2
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.08.2013 15:19:27 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.08.2013 10:25:38 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 24.08.2013 07:43:19 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.08.2013 08:39:13 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 27.08.2013 07:14:21 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 28.08.2013 04:06:48 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 28.08.2013 10:04:14 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.08.2013 09:00:55 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.08.2013 13:44:40 | Computer Name = Moni-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.18103,
Zeitstempel: 0x512d9f39 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000005055a
ID
des fehlerhaften Prozesses: 0x6dc Startzeit der fehlerhaften Anwendung: 0x01cea4b989e1dfd9
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Windows\system32\SHELL32.dll Berichtskennung: adabbb4b-10d2-11e3-95d5-5404a6efb57a
Error - 30.08.2013 02:32:25 | Computer Name = Moni-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 05.02.2014 08:43:14 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 05.02.2014 19:27:11 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 06.02.2014 03:50:00 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 06.02.2014 04:27:22 | Computer Name = Moni-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 06.02.2014 04:28:05 | Computer Name = Moni-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy8" den Befehl "chkdsk" aus.
Error - 06.02.2014 04:28:29 | Computer Name = Moni-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 06.02.2014 04:29:05 | Computer Name = Moni-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy7" den Befehl "chkdsk" aus.
Error - 07.02.2014 03:31:44 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sbapifs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 07.02.2014 03:33:17 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Spybot-S&D 2 Scanner Service erreicht.
Error - 07.02.2014 03:33:17 | Computer Name = Moni-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
< End of report >
OTL Logfile: Code:
OTL logfile created on: 07.02.2014 13:05:36 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mala Mi\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,97 Gb Total Physical Memory | 11,12 Gb Available Physical Memory | 69,66% Memory free
31,93 Gb Paging File | 27,09 Gb Available in Paging File | 84,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1397,17 Gb Total Space | 1005,41 Gb Free Space | 71,96% Space Free | Partition Type: NTFS
Drive D: | 177,31 Gb Total Space | 133,18 Gb Free Space | 75,11% Space Free | Partition Type: NTFS
Computer Name: MONI-PC | User Name: Mala Mi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\TuneUp Utilities 2013\Integrator.exe (TuneUp Software)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\TuneUp Utilities 2013\libcef.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
========== Driver Services (SafeList) ==========
DRV:64bit: - (esgiguard) -- C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\esgiguard.sys File not found
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\drivers\gfibto.sys (GFI Software)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (truecrypt) -- C:\Windows\SysNative\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\LVUVC64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (MEMSWEEP2) -- C:\Windows\SysNative\650E.tmp (Sophos Plc)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = hxxp://www.google.com/search?q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=7e7272e0-5843-45b7-a463-8e1f0d20c653&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = hxxp://www.google.com/search?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = about:blank [binary data]
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D8 23 A4 E5 F5 5C CD 01 [binary data]
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes,DefaultScope = {35436CE0-E4FC-49F0-95C5-F39E66DFACE8}
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{2B883C7E-1F59-4886-9679-257EF88BF625}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{35436CE0-E4FC-49F0-95C5-F39E66DFACE8}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{68AFAB6F-DABF-40F1-91BF-251E8A12F8A1}: "URL" = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\..\SearchScopes\{9C3B3989-561F-47C3-9A31-EC00EF307A05}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://fvd.speeddial/content/fvd_about_blank.html"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.5
FF - prefs.js..extensions.enabledAddons: openlinkintab%40piro.sakura.ne.jp:0.1.2013100801
FF - prefs.js..extensions.enabledAddons: YouTubeAutoReplay%40arikv.com:2.88
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.4.5
FF - prefs.js..extensions.enabledAddons: %7B62760FD6-B943-48C9-AB09-F99C6FE96088%7D:3.0.2.0
FF - prefs.js..extensions.enabledAddons: tiletabs%40DW-dev:11.0
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.96
FF - prefs.js..extensions.enabledAddons: pavel.sherbakov%40gmail.com:4.6.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDAPP\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files (x86)\Common Files\mpDRM\Binaries\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mala Mi\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mala Mi\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.08.16 12:26:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013.08.16 11:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.08.18 20:22:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2013.03.24 20:19:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Extensions
[2014.02.03 13:36:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions
[2014.01.23 13:09:14 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2013.08.27 12:25:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.01.23 13:09:22 | 000,000,000 | ---D | M] ("Flash Video Downloader") -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\artur.dubovoy@gmail.com
[2014.01.12 18:14:04 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\https-everywhere@eff.org
[2013.12.11 19:39:07 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\ich@maltegoetz.de
[2014.01.31 16:43:53 | 000,000,000 | ---D | M] ("FVD Speed Dial with Full Online Sync") -- C:\Users\Mala Mi\AppData\Roaming\mozilla\Firefox\Profiles\czdufkyf.default\extensions\pavel.sherbakov@gmail.com
[2013.10.20 21:09:24 | 000,103,613 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\openlinkintab@piro.sakura.ne.jp.xpi
[2014.01.31 14:46:42 | 000,129,516 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\tiletabs@DW-dev.xpi
[2012.10.26 19:03:29 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\translator@zoli.bod.xpi
[2013.10.12 22:25:43 | 000,001,552 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\unseen@tangrs.xpi
[2013.11.18 11:35:04 | 000,015,095 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\YouTubeAutoReplay@arikv.com.xpi
[2014.01.31 16:43:51 | 000,384,324 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2014.01.23 13:09:47 | 000,931,920 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi
[2014.01.24 13:09:07 | 000,536,213 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.01.01 15:41:34 | 000,152,142 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2014.01.23 13:09:13 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.05 22:15:39 | 000,001,504 | ---- | M] () -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\searchplugins\imdb.xml
[2012.07.10 21:32:23 | 000,004,140 | ---- | M] () -- C:\Users\Mala Mi\AppData\Roaming\mozilla\firefox\profiles\czdufkyf.default\searchplugins\youtube.xml
[2013.09.13 03:40:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.01.01 15:52:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2013.07.20 08:20:50 | 000,003,036 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 secure.tuneup.com
O1 - Hosts: 127.0.0.1 secure.tune-up.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 46 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-2933857112-123260191-3042084646-1006\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 1.7.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD735716-763A-444D-A777-88DF67FB2AE2}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe air application installer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe audition.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe extension manager cs5.5.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe extension manager cs6.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\afterfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\devicecentral.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\extendscript toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\illustrator.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pdapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pixel bender toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\switchboard.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe air application installer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe audition.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe extension manager cs5.5.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe extension manager cs6.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\afterfx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\devicecentral.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\extendscript toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\illustrator.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pdapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pixel bender toolkit.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\switchboard.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.07.20 10:08:05 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{602b05cf-a233-11e2-aafa-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{602b05cf-a233-11e2-aafa-806e6f6e6963}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.ultimatebootcd.com/
O34 - HKLM BootExecute: (VLw⁶ᴆ‰耀 ><_⁹ᴆ‰耀
wDX⁸ᴆ‰耀bTq⁻ᴆ‰耀A..⁺ᴆ‰耀
and⁽ᴆ‰耀Lqy⁼ᴆ‰耀Ru3ⁿᴆ‰耀nuB⁾ᴆ‰耀N3X₁ᴆ‰耀JOY₀ᴆ‰耀M."₃ᴆ‰耀="_₂ᴆ‰耀UuQ₅ᴆ‰耀kHS₄ᴆ‰耀2Ke₇ᴆ‰耀-Lm₆ᴆ‰耀5yB₉ᴆ‰耀jYh₈ᴆ‰耀wCF₋ᴆ‰耀tjy₊ᴆ‰耀ren₍ᴆ‰耀"_G₌ᴆ‰耀JD3ᴆ‰耀 PCo₎ᴆ‰耀!.."ₑᴆ‰耀"helₐᴆ‰耀#qyDₓᴆ‰耀$0vkₒᴆ‰耀%4SGₕᴆ‰耀& waₔᴆ‰耀'untₗᴆ‰耀(_7Jₖᴆ‰耀)jEQₙᴆ‰耀*wNGₘᴆ‰耀+/><ₛᴆ‰耀,_XVₚᴆ‰耀-VyGᴆ‰耀.hQ.ₜᴆ‰耀/t="ᴆ‰耀0oSLᴆ‰耀1X98₡ᴆ‰耀2UQ.₠ᴆ‰耀3<_5₣ᴆ‰耀4V_b₢ᴆ‰耀5Gql₥ᴆ‰耀6.. ₤ᴆ‰耀7="_₧ᴆ‰耀8j_r₦ᴆ‰耀98im₩ᴆ‰耀:w..₨ᴆ‰耀;_hF₫ᴆ‰耀<vkz₪ᴆ‰耀=5bc₭ᴆ‰耀. condition꿑༝㽤ࠂᖴ,)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\.DEFAULT\...exe [@ = exefile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-18\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.02.07 11:48:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mala Mi\Desktop\OTL.exe
[2014.02.07 10:06:10 | 000,000,000 | ---D | C] -- C:\Users\Mala Mi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
[2014.02.07 09:58:58 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.02.07 09:58:52 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.02.07 09:58:52 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.02.07 09:58:52 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.02.07 09:58:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.01.31 18:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014.01.31 14:52:09 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014.01.23 13:31:11 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014.01.23 13:31:11 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014.01.23 13:31:09 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014.01.23 13:30:10 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014.01.23 13:30:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014.01.23 13:30:05 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014.01.23 13:30:05 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.05.27 05:29:06 | 001,178,624 | ---- | C] (CPUID) -- C:\Users\Mala Mi\AppData\Roaming\siw_sdk.dll
[23 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.02.07 13:07:02 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.07 12:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.02.07 11:48:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mala Mi\Desktop\OTL.exe
[2014.02.07 11:07:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.07 10:55:07 | 000,007,636 | ---- | M] () -- C:\Users\Mala Mi\AppData\Local\Resmon.ResmonCfg
[2014.02.07 10:20:24 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.07 10:20:24 | 000,026,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.07 10:11:09 | 009,877,626 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.07 10:11:09 | 000,737,390 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2014.02.07 10:11:09 | 000,732,292 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014.02.07 10:11:09 | 000,731,980 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014.02.07 10:11:09 | 000,716,534 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2014.02.07 10:11:09 | 000,699,432 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.02.07 10:11:09 | 000,682,558 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014.02.07 10:11:09 | 000,675,688 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2014.02.07 10:11:09 | 000,660,774 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.02.07 10:11:09 | 000,654,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.07 10:11:09 | 000,648,616 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2014.02.07 10:11:09 | 000,501,348 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2014.02.07 10:11:09 | 000,470,948 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2014.02.07 10:11:09 | 000,420,358 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2014.02.07 10:11:09 | 000,171,272 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2014.02.07 10:11:09 | 000,158,472 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2014.02.07 10:11:09 | 000,155,870 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014.02.07 10:11:09 | 000,150,840 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2014.02.07 10:11:09 | 000,149,572 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.02.07 10:11:09 | 000,146,844 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014.02.07 10:11:09 | 000,141,424 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.02.07 10:11:09 | 000,139,998 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2014.02.07 10:11:09 | 000,130,230 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014.02.07 10:11:09 | 000,122,142 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.02.07 10:11:09 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2014.02.07 10:11:09 | 000,098,656 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2014.02.07 10:11:09 | 000,094,770 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2014.02.07 10:10:59 | 009,877,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.07 10:07:16 | 001,178,624 | ---- | M] (CPUID) -- C:\Users\Mala Mi\AppData\Roaming\siw_sdk.dll
[2014.02.07 09:58:49 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2014.02.07 09:58:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2014.02.07 09:58:49 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2014.02.07 09:58:49 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2014.02.07 09:49:11 | 000,028,520 | ---- | M] () -- C:\Users\Mala Mi\Desktop\alc.PNG
[2014.02.07 09:34:50 | 000,027,658 | ---- | M] () -- C:\Users\Mala Mi\Desktop\procesy.PNG
[2014.02.07 08:31:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.05 16:18:05 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.05 16:18:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.01.28 09:35:58 | 000,035,640 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2014.01.28 09:35:50 | 000,038,200 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2014.01.28 09:35:50 | 000,030,520 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2014.01.28 09:35:50 | 000,026,936 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2014.01.28 09:35:50 | 000,022,328 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2014.01.23 23:25:39 | 004,914,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.23 14:25:02 | 000,068,799 | ---- | M] () -- C:\Users\Mala Mi\Desktop\7537_772270226136225_959847539_n.jpg
[2014.01.23 14:21:00 | 000,042,957 | ---- | M] () -- C:\Users\Mala Mi\Desktop\148614_772321072797807_213943924_n.jpg
[2014.01.23 14:20:06 | 000,061,226 | ---- | M] () -- C:\Users\Mala Mi\Desktop\1555315_451950561594498_199197272_n.jpg
[2014.01.23 14:20:00 | 000,032,839 | ---- | M] () -- C:\Users\Mala Mi\Desktop\558256_767068439989190_711166395_n.jpg
[23 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.02.07 09:49:11 | 000,028,520 | ---- | C] () -- C:\Users\Mala Mi\Desktop\alc.PNG
[2014.02.07 09:34:50 | 000,027,658 | ---- | C] () -- C:\Users\Mala Mi\Desktop\procesy.PNG
[2014.01.23 14:25:02 | 000,068,799 | ---- | C] () -- C:\Users\Mala Mi\Desktop\7537_772270226136225_959847539_n.jpg
[2014.01.23 14:21:00 | 000,042,957 | ---- | C] () -- C:\Users\Mala Mi\Desktop\148614_772321072797807_213943924_n.jpg
[2014.01.23 14:20:06 | 000,061,226 | ---- | C] () -- C:\Users\Mala Mi\Desktop\1555315_451950561594498_199197272_n.jpg
[2014.01.23 14:20:00 | 000,032,839 | ---- | C] () -- C:\Users\Mala Mi\Desktop\558256_767068439989190_711166395_n.jpg
[2013.09.18 14:20:57 | 000,234,224 | ---- | C] () -- C:\ProgramData\1379510315.bdinstall.bin
[2013.08.09 18:08:02 | 000,839,680 | ---- | C] () -- C:\ProgramData\1376065669.bdinstall.bin
[2013.06.14 11:56:01 | 000,426,243 | ---- | C] () -- C:\ProgramData\1371207065.bdinstall.bin
[2013.06.14 11:46:54 | 000,059,010 | ---- | C] () -- C:\ProgramData\1371206791.bdinstall.bin
[2013.06.14 11:45:45 | 000,233,169 | ---- | C] () -- C:\ProgramData\1371206623.bdinstall.bin
[2013.06.14 11:34:42 | 000,515,921 | ---- | C] () -- C:\ProgramData\1371205505.bdinstall.bin
[2013.05.26 19:40:07 | 000,000,680 | RHS- | C] () -- C:\Users\Mala Mi\ntuser.pol
[2013.05.16 14:51:32 | 000,485,233 | ---- | C] () -- C:\ProgramData\1368711765.bdinstall.bin
[2013.05.16 14:48:21 | 000,058,728 | ---- | C] () -- C:\ProgramData\1368712098.bdinstall.bin
[2013.05.16 14:46:48 | 000,058,728 | ---- | C] () -- C:\ProgramData\1368712005.bdinstall.bin
[2013.05.11 21:56:23 | 000,516,264 | ---- | C] () -- C:\ProgramData\1368305217.bdinstall.bin
[2013.05.06 18:09:08 | 000,472,377 | ---- | C] () -- C:\ProgramData\1367859660.bdinstall.bin
[2013.05.05 17:04:55 | 000,059,018 | ---- | C] () -- C:\ProgramData\1367769891.bdinstall.bin
[2013.05.05 15:52:56 | 000,067,754 | ---- | C] () -- C:\ProgramData\1367765573.1232.bin
[2013.05.05 15:52:56 | 000,002,300 | ---- | C] () -- C:\ProgramData\1367765573.196.bin
[2013.05.05 15:52:56 | 000,002,253 | ---- | C] () -- C:\ProgramData\1367765573.1320.bin
[2013.05.05 15:52:53 | 000,078,216 | ---- | C] () -- C:\ProgramData\1367765573.2500.bin
[2013.05.05 15:44:47 | 000,007,813 | ---- | C] () -- C:\ProgramData\1367765082.2292.bin
[2013.05.05 15:44:47 | 000,002,253 | ---- | C] () -- C:\ProgramData\1367765082.2296.bin
[2013.05.05 15:44:47 | 000,001,417 | ---- | C] () -- C:\ProgramData\1367765082.1172.bin
[2013.05.05 15:44:42 | 000,077,856 | ---- | C] () -- C:\ProgramData\1367765082.2692.bin
[2013.05.05 15:41:53 | 000,417,104 | ---- | C] () -- C:\ProgramData\1367760645.bdinstall.bin
[2013.05.05 14:30:45 | 000,075,580 | ---- | C] () -- C:\ProgramData\1367760644.bdinstall.bin
[2013.01.22 12:45:12 | 000,000,132 | ---- | C] () -- C:\Users\Mala Mi\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.12.14 19:15:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\mslck.dat
[2012.12.14 19:12:34 | 000,000,032 | ---- | C] () -- C:\Windows\SysWow64\Mlkf.dll
[2012.12.14 19:08:29 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\fldlckun.exe
[2012.09.21 20:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.09.21 20:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.09.21 20:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012.09.20 08:18:35 | 000,567,773 | ---- | C] () -- C:\ProgramData\1348124937.bdinstall.bin
[2012.09.20 08:05:37 | 000,051,289 | ---- | C] () -- C:\ProgramData\1348124726.bdinstall.bin
[2012.09.20 08:05:23 | 000,325,326 | ---- | C] () -- C:\ProgramData\1348124655.bdinstall.bin
[2012.09.20 08:00:43 | 000,206,857 | ---- | C] () -- C:\ProgramData\1348124189.bdinstall.bin
[2012.09.20 07:56:22 | 000,079,590 | ---- | C] () -- C:\ProgramData\1348124145.bdinstall.bin
[2012.09.20 02:58:18 | 000,408,233 | ---- | C] () -- C:\ProgramData\1348105983.bdinstall.bin
[2012.09.19 11:57:40 | 000,000,134 | ---- | C] () -- C:\Windows\rootkitno.ini
[2012.09.17 21:28:34 | 000,573,836 | ---- | C] () -- C:\ProgramData\1347913332.bdinstall.bin
[2012.09.17 21:21:49 | 000,103,394 | ---- | C] () -- C:\ProgramData\1347913224.bdinstall.bin
[2012.09.17 15:11:28 | 000,239,057 | ---- | C] () -- C:\ProgramData\1347890415.bdinstall.bin
[2012.08.11 13:36:30 | 000,003,584 | ---- | C] () -- C:\Users\Mala Mi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.11 13:35:49 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.08.11 12:36:47 | 009,877,626 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.28 12:09:46 | 000,213,369 | ---- | C] () -- C:\ProgramData\1340881649.bdinstall.bin
[2012.06.19 17:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2012.06.13 23:27:44 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.06.13 23:27:44 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.05.29 04:07:39 | 000,252,923 | ---- | C] () -- C:\ProgramData\1338260454.bdinstall.bin
[2012.05.09 13:22:17 | 000,351,893 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.08 09:41:21 | 000,007,636 | ---- | C] () -- C:\Users\Mala Mi\AppData\Local\Resmon.ResmonCfg
[2012.04.20 01:03:54 | 000,001,672 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.03.13 22:37:36 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.03.13 22:37:30 | 000,026,961 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.05.15 22:43:51 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Ad-Aware Antivirus
[2013.09.13 08:22:11 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Ashampoo
[2012.09.06 16:35:48 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Broken Sword 2.5
[2013.08.30 11:24:08 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Canneverbe Limited
[2013.08.18 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\DAEMON Tools Lite
[2013.08.16 12:25:57 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\DVDVideoSoft
[2013.08.16 12:26:12 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.07.20 10:44:25 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\eCyber
[2012.04.28 12:49:55 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\ICQ
[2012.04.27 15:06:49 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\ICQ Search
[2012.10.31 08:23:15 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\IObit
[2013.07.20 13:59:38 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\iSafe
[2012.11.24 20:59:34 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Leadertech
[2012.04.22 03:56:46 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\MumboJumbo
[2013.05.27 05:25:02 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Notepad++
[2013.08.18 20:01:10 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\OpenOffice
[2012.04.22 23:12:13 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\OpenOffice.org
[2013.09.12 21:30:30 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Opera
[2013.09.12 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Opera Software
[2012.06.23 21:12:39 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\PACE Anti-Piracy
[2012.04.22 22:24:53 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\PerformerSoft
[2012.12.25 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\ProtectDISC
[2013.08.05 12:01:43 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\QuickScan
[2013.07.16 04:59:40 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Spotify
[2012.06.23 21:14:05 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.09.03 17:56:00 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Systweak
[2012.12.02 15:39:40 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\TeamViewer
[2012.12.14 20:07:12 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\TrueCrypt
[2013.08.18 20:13:14 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\TuneUp Software
[2012.05.09 02:49:55 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\Unity
[2013.11.07 11:15:56 | 000,000,000 | ---D | M] -- C:\Users\Mala Mi\AppData\Roaming\UseNeXT
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2013.10.26 21:58:58 | 103,214,166 | ---- | M] ()(C:\Windows\SysWow64\???A) -- C:\Windows\SysWow64\⧸⦇A
[2013.10.26 15:19:07 | 103,214,166 | ---- | C] ()(C:\Windows\SysWow64\???A) -- C:\Windows\SysWow64\⧸⦇A
========== Alternate Data Streams ==========
@Alternate Data Stream - 1126 bytes -> C:\Users\Mala Mi\AppData\Local\Temp:nsawkMjiN1M9C5BpNYBSm
< End of report >