
Log analysis and evaluation: Windows 7 - Windows Update damaged, some malware findings or suspicion

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
15.02.2014, 23:27   #1
Nesk1
 



Hello,

A few days ago I tried to start the Windows Update program, because in my opinion my computer has installed too few of the automatic updates (compared to my computer at work). And as I can see, the window does open, but I see almost nothing. Only a few cryptic strings in places where buttons, selection fields etc. would normally be.

As a virus scanner I use Kaspersky IS 2012. Unfortunately it found nothing.
After that I also ran MWBAM. It did find and remove something, PUP.Optional.SweetIM.A and PUP.Optional.Conduit.A, but the problem still persisted.

That is why I also had MWBAR scan and, out of interest, aswMBR as well.

Since all the log files together are too large, I am attaching the MWBAR and aswMBR logs.


And here are the logs from your guide:

defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:21 on 15/02/2014 (ml)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:AlcoholAutomount -> Removed

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by ml (administrator) on ATLAN on 15-02-2014 22:30:58
Running from C:\Users\ml\Desktop\logs
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files\AMD\OverDrive\AODAssist.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Windows\system32\PnkBstrB.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(StarWind Software) C:\Program Files\alcohol\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA) C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Creative Technology Ltd.) C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
(Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) C:\Windows\System32\CTHELPER.EXE
(Saitek) C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Corsair Components  Inc) C:\Maus_M90\M90Hid.exe
(Creative Technology Ltd) C:\Windows\SYSTEM32\CTXFISPI.EXE
(Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Windows\System32\Ctxfihlp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
() C:\Program Files\HiSuite\HiSuite.exe
() C:\Users\ml\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Corsair Components  Inc) C:\Maus_M90\CorsTra.exe
(Creative Technology Ltd.) C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
() C:\Users\ml\AppData\Local\HiSuite\userdata\hwtools\hwtransport.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RCSystem] - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [57344 2006-11-22] (Creative Technology Ltd.)
HKLM\...\Run: [AudioDrvEmulator] - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [57344 2006-11-22] (Creative Technology Ltd.)
HKLM\...\Run: [VolPanel] - C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [180224 2006-12-06] (Creative Technology Ltd)
HKLM\...\Run: [CTHelper] - C:\Windows\system32\CTHELPER.EXE [19456 2007-03-05] (Creative Technology Ltd)
HKLM\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [AdobeCS4ServiceManager] - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [ProfilerU] - C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [237568 2009-09-11] (Saitek)
HKLM\...\Run: [SaiMfd] - C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [131072 2009-09-11] (Saitek)
HKLM\...\Run: [ Malwarebytes Anti-Malware  (reboot)] - "C:\Program Files\Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
HKLM\...\Run: [NPSStartup] - [X]
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [Corsair Garros] - C:\Maus_M90\M90Hid.exe [1768960 2012-05-22] (Corsair Components  Inc)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM\...\Run: [CTxfiHlp] - C:\Windows\system32\CTXFIHLP.EXE [25600 2010-05-05] (Creative Technology Ltd)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab ZAO)
HKU\.DEFAULT\...\Run: [CtxfiReg] - CTXFIREG.exe /FAIL1
HKU\S-1-5-21-3132632257-3045653775-2901208091-1001\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3077528 2011-08-27] ()
HKU\S-1-5-21-3132632257-3045653775-2901208091-1001\...\Run: [Creative MediaSource Go] - C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [204800 2006-11-09] (Creative Technology Ltd)
HKU\S-1-5-21-3132632257-3045653775-2901208091-1001\...\Run: [Mobile Partner] - C:\Program Files\HiSuite\HiSuite.exe [583488 2013-07-11] ()
HKU\S-1-5-21-3132632257-3045653775-2901208091-1001\...\Run: [Amazon Cloud Player] - C:\Users\ml\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-3132632257-3045653775-2901208091-1001\...\MountPoints2: D - D:\ASRSetup.exe
HKU\S-1-5-21-3132632257-3045653775-2901208091-1001\...\MountPoints2: {cb124b1d-2f7c-11df-997d-6cf04902646e} - F:\Setup.exe
HKU\S-1-5-21-3132632257-3045653775-2901208091-1001\...\MountPoints2: {f4c6a2a3-3b33-11e3-817b-bc5ff40f2dd2} - G:\autorun.exe
Startup: C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Profiler.lnk
ShortcutTarget: Profiler.lnk -> C:\Windows\Installer\{46A219BA-FA02-43B6-8E46-4704B39251DD}\Profiler.exe (Saitek)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10005’
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005’
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005’
SearchScopes: HKCU - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005’
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://tbsearch.ask.com/redirect?client=ie&tb=BTV5&o=10148&src=crm&q={searchTerms}&locale=en_US
SearchScopes: HKCU - {47802076-0332-47D7-AB21-698498446961} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005’
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.109.121.2 62.109.121.1

FireFox:
========
FF ProfilePath: C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default
FF user.js: detected! => C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\user.js
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(
url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1))%20%7B%20return%20'PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\ml\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FT DeepDark - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-02-11]
FF Extension: Firebug - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\firebug@software.joehewitt.com.xpi [2012-12-14]
FF Extension: YouTube MP3 Download - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\jid0-Z0Vu9hJlqV0fhIAPqPfmUCNubYQ@jetpack.xpi [2013-07-20]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-10-19]
FF Extension: TinEye Reverse Image Search - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\tineye@ideeinc.com.xpi [2013-04-19]
FF Extension: NoScript - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-14]
FF Extension: FireFTP - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2012-12-14]
FF Extension: Adblock Plus - C:\Users\ml\AppData\Roaming\Mozilla\Firefox\Profiles\6y5bomt0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-14]
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2011-11-01]
FF HKLM\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2011-11-01]
FF HKLM\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2011-11-01]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-08-01]

========================== Services (Whitelisted) =================

R2 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [136616 2010-04-23] ()
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-03-05] (Creative Labs)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [116032 2013-07-11] ()
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [158208 2013-05-02] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 nTuneService; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [192832 2011-09-19] (NVIDIA)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-01-02] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [107832 2014-01-02] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [171680 2013-09-05] (Skype Technologies)
R2 StarWindServiceAE; C:\Program Files\alcohol\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S3 nosGetPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper_3004.dll [X]

==================== Drivers (Whitelisted) ====================

R3 AmdTools; C:\Windows\System32\DRIVERS\AmdTools.sys [42552 2008-04-28] (AMD, Inc.)
R3 AODDriver2; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [36864 2010-04-23] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-07-07] ()
S3 CamDrL; C:\Windows\System32\DRIVERS\Camdrl.sys [1075360 2007-02-03] (Logitech Inc.)
S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [98616 2007-03-05] (Creative Technology Ltd)
R3 CORSGMS; C:\Windows\System32\Drivers\CORSGMS.sys [18432 2012-03-27] ( )
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [552248 2007-03-05] (Creative Technology Ltd)
S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [347144 2010-05-05] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [174392 2007-03-05] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [286520 2007-03-05] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [134968 2007-03-05] (Creative Technology Ltd)
R3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [329528 2007-03-05] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [101176 2007-03-05] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [566584 2007-03-05] (Creative Technology Ltd)
S3 dbustrcm; C:\Users\ml\AppData\Local\Temp\dbustrcm.sys [31744 2013-09-01] ()
R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [32384 2011-02-08] (Etron Technology Inc)
R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [52352 2011-02-08] (Etron Technology Inc)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [133208 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11352 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [586072 2012-10-31] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [23856 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [19984 2009-11-02] (Kaspersky Lab)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-07-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41504 2007-02-03] (Logitech Inc.)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-02-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 RivaTuner32; C:\Program Files\RivaTuner\RivaTuner32.sys [9088 2009-08-22] ()
R3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [104960 2008-01-21] (Saitek)
S3 SaiK0CEA; C:\Windows\System32\DRIVERS\SaiK0CEA.sys [104960 2008-04-04] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [20744 2009-09-14] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43656 2009-09-14] (Saitek)
S3 SaiU0CEA; C:\Windows\System32\DRIVERS\SaiU0CEA.sys [28544 2008-04-04] (Saitek)
R1 SAVRKBootTasks; C:\Windows\system32\SAVRKBootTasks.sys [18816 2010-05-26] (Sophos Plc)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-14] (Duplex Secure Ltd.)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] ()
R3 V0260VID; C:\Windows\System32\DRIVERS\V0260Vid.sys [154560 2007-05-25] (Creative Technology Ltd.)
S3 amdiox86; system32\DRIVERS\amdiox86.sys [X]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files\AMD GPU Clock Tool\atillk64.sys [X]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [X]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [X]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 MEMSWEEP2; \??\C:\Windows\system32\34.tmp [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-15 21:15 - 2014-02-15 21:15 - 00293592 _____ () C:\Users\linuel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-15 21:10 - 2014-02-16 07:08 - 00000000 ___RD () C:\Users\linuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-15 21:10 - 2014-02-16 07:08 - 00000000 ___RD () C:\Users\linuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-15 21:10 - 2014-02-16 07:08 - 00000000 ____D () C:\Users\linuel
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Startmenü
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Netzwerkumgebung
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Druckumgebung
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Documents\Eigene Musik
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Documents\Eigene Bilder
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\AppData\Local\Verlauf
2014-02-15 15:08 - 2014-02-15 22:22 - 00000340 _____ () C:\Users\ml\defogger_reenable
2014-02-15 13:00 - 2014-02-15 22:30 - 00000000 ____D () C:\FRST
2014-02-13 21:40 - 2014-02-13 22:52 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-13 21:18 - 2014-02-13 21:19 - 00000109 _____ () C:\Users\ml\Documents\mwb-am.TXT
2014-02-11 23:54 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-11 23:54 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-11 23:54 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-11 23:54 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-11 23:54 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-11 23:54 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-11 23:54 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-11 23:54 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-11 23:54 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-11 23:54 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-11 23:54 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-11 23:54 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-11 23:54 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-11 23:54 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-11 23:54 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-11 23:54 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-11 23:54 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-11 23:54 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-11 23:54 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-11 23:54 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-11 23:54 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-11 23:44 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-11 22:41 - 2014-02-11 22:41 - 04745728 _____ (AVAST Software) C:\Users\ml\Downloads\aswMBR.exe
2014-02-11 22:14 - 2014-02-11 22:15 - 00267492 _____ () C:\Windows\msxml4-KB2758694-deu.LOG
2014-02-11 21:51 - 2014-02-12 18:43 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-11 21:50 - 2014-02-11 21:50 - 12589848 _____ (Malwarebytes Corp.) C:\Users\ml\Downloads\mbar-1.07.0.1009.exe
2014-02-11 21:49 - 2014-02-11 21:50 - 00000000 ____D () C:\Program Files\Malwarebytes_Anti-Rootkit
2014-02-11 21:45 - 2014-02-11 21:52 - 451422799 _____ (WinFuture) C:\Users\ml\Downloads\WinFuture_7SP1_x86_UpdatePack_2.34_Januar_2014-Vollversion.exe
2014-02-11 21:29 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-11 21:29 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-11 21:29 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 21:29 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-11 21:29 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-11 21:29 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-11 21:29 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-11 21:29 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-11 21:29 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-11 21:29 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-11 21:29 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-11 21:29 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-11 21:29 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-11 21:29 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 20:16 - 2014-02-11 20:32 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-11 20:15 - 2014-02-11 20:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ATLAN-Microsoft-Windows-7-Professional-(32-bit).dat
2014-02-11 20:13 - 2014-02-11 20:13 - 00000000 ____D () C:\RegBackup
2014-02-11 18:23 - 2014-02-11 18:23 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-11 18:20 - 2014-02-11 18:20 - 00000000 ____D () C:\Program Files\Tweaking
2014-02-11 18:17 - 2014-02-11 18:23 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-11 18:17 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-06 18:31 - 2014-02-06 18:31 - 00924173 _____ () C:\Users\ml\Downloads\BrMain480.exe
2014-02-06 18:04 - 2014-02-16 07:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-02 01:10 - 2014-02-02 01:10 - 00000000 ____D () C:\Users\ml\AppData\Local\BigHugeEngine
2014-01-26 00:47 - 2014-01-26 00:47 - 22607745 _____ () C:\Users\ml\Downloads\ufoaftershock_patch_1_2-including_previous_patch.zip
2014-01-26 00:45 - 2014-01-26 00:45 - 03123262 _____ () C:\Users\ml\Downloads\ufo_aftershock_patch_1_3.zip
2014-01-26 00:45 - 2014-01-26 00:45 - 03122287 _____ () C:\Users\ml\Downloads\Ufo-Aftershock-Patch-1.3.zip
2014-01-26 00:44 - 2014-01-26 00:44 - 02028396 _____ () C:\Users\ml\Downloads\UFO_Aftershock_v1.2.1_Patch.zip
2014-01-26 00:41 - 2014-01-27 21:52 - 00000635 _____ () C:\Users\Public\Desktop\UFO Aftershock.lnk
2014-01-21 21:29 - 2014-01-21 21:29 - 03669884 _____ () C:\Users\ml\Downloads\DarkHorizon_v1.0.6.0_Patch.zip
2014-01-21 18:57 - 2014-02-16 07:09 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-01-21 18:57 - 2014-01-30 20:41 - 00001159 _____ () C:\Users\ml\Desktop\Amazon Cloud Player.lnk
2014-01-21 18:57 - 2014-01-30 20:41 - 00000000 ____D () C:\Users\ml\AppData\Local\Amazon Cloud Player
2014-01-20 21:46 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-20 21:46 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-20 21:46 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-20 21:46 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-20 21:45 - 2014-01-20 21:46 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log

==================== One Month Modified Files and Folders =======

2014-02-16 07:09 - 2014-02-06 18:04 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-16 07:09 - 2014-01-21 18:57 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player
2014-02-16 07:09 - 2013-05-18 01:29 - 00000000 ____D () C:\Users\ml\Downloads\sound
2014-02-16 07:09 - 2012-08-16 19:31 - 00000000 ____D () C:\Users\ml\AppData\Local\CCP
2014-02-16 07:09 - 2012-07-01 19:20 - 00000000 ____D () C:\Users\ml\Downloads\ydkj
2014-02-16 07:09 - 2012-05-05 06:28 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-16 07:09 - 2012-04-21 23:27 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVGA Precision
2014-02-16 07:09 - 2012-03-02 17:00 - 00000000 ____D () C:\Users\ml\Downloads\mflpro
2014-02-16 07:09 - 2011-12-13 17:50 - 00000000 ____D () C:\Users\ml\Downloads\cpu-z
2014-02-16 07:09 - 2011-12-10 17:16 - 00000000 ____D () C:\Program Files\CrystalDiskInfo
2014-02-16 07:09 - 2011-12-05 23:24 - 00000000 ____D () C:\Users\ml\Downloads\RoT
2014-02-16 07:09 - 2011-07-17 00:33 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2014-02-16 07:09 - 2011-06-12 21:35 - 00000000 ____D () C:\Users\ml\Downloads\directx9c
2014-02-16 07:09 - 2011-03-06 01:01 - 00000000 ____D () C:\Users\ml\Downloads\xbox360ce
2014-02-16 07:09 - 2010-10-03 09:05 - 00000000 ____D () C:\Users\ml\Downloads\gpg
2014-02-16 07:09 - 2010-07-28 18:08 - 00000000 ____D () C:\Users\ml\AppData\Roaming\vlc
2014-02-16 07:09 - 2010-05-02 09:31 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-02-16 07:09 - 2010-04-28 19:40 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-16 07:09 - 2010-04-06 18:55 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2014-02-16 07:09 - 2010-03-20 12:57 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-16 07:09 - 2010-03-20 12:55 - 00000000 ____D () C:\Program Files\Steam
2014-02-16 07:09 - 2010-03-05 01:04 - 00000000 ____D () C:\Windows\system32\Data
2014-02-16 07:09 - 2010-03-05 00:14 - 00000000 ___RD () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-16 07:09 - 2010-03-05 00:14 - 00000000 ___RD () C:\Users\ml\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-16 07:09 - 2010-03-05 00:14 - 00000000 ____D () C:\Users\ml
2014-02-16 07:09 - 2010-02-08 23:40 - 00000000 ____D () C:\spiele
2014-02-16 07:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-02-16 07:08 - 2014-02-15 21:10 - 00000000 ___RD () C:\Users\linuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-16 07:08 - 2014-02-15 21:10 - 00000000 ___RD () C:\Users\linuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-16 07:08 - 2014-02-15 21:10 - 00000000 ____D () C:\Users\linuel
2014-02-16 07:08 - 2013-10-30 23:57 - 00000000 ____D () C:\Users\ml\Downloads\simc-540-5-win32
2014-02-16 07:08 - 2012-11-11 11:45 - 00000000 ____D () C:\Users\ml\Downloads\Sine.Mora-SKIDROW-LaVerta.part1
2014-02-16 07:08 - 2012-11-04 10:41 - 00000000 ____D () C:\Users\ml\Downloads\wordpress_342-de
2014-02-16 07:08 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-02-16 07:07 - 2013-10-22 22:39 - 00000000 ____D () C:\Users\ml\Downloads\HiSuiteSetup_v1.8.10.1706
2014-02-16 07:07 - 2012-11-10 13:29 - 00000000 ____D () C:\Users\ml\Downloads\contact-form-7331
2014-02-16 07:07 - 2011-05-17 18:33 - 00000000 ____D () C:\Users\ml\Downloads\Mainboard_Treiber
2014-02-16 07:07 - 2010-07-23 19:04 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Malwarebytes
2014-02-15 22:31 - 2011-01-01 10:54 - 00000000 ____D () C:\Users\ml\AppData\Local\PMB Files
2014-02-15 22:30 - 2014-02-15 13:00 - 00000000 ____D () C:\FRST
2014-02-15 22:30 - 2010-03-05 00:07 - 01738313 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 22:30 - 2009-07-14 05:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-15 22:30 - 2009-07-14 05:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-15 22:29 - 2010-03-05 00:16 - 01644414 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-15 22:28 - 2010-03-05 00:42 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-15 22:25 - 2011-12-10 17:37 - 00000322 _____ () C:\Windows\Tasks\DriverScanner.job
2014-02-15 22:25 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 22:24 - 2012-04-21 23:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-15 22:24 - 2009-07-14 05:39 - 00179220 _____ () C:\Windows\setupact.log
2014-02-15 22:22 - 2014-02-15 15:08 - 00000340 _____ () C:\Users\ml\defogger_reenable
2014-02-15 21:15 - 2014-02-15 21:15 - 00293592 _____ () C:\Users\linuel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Startmenü
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Netzwerkumgebung
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Druckumgebung
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Documents\Eigene Musik
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\Documents\Eigene Bilder
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 21:10 - 2014-02-15 21:10 - 00000000 _SHDL () C:\Users\linuel\AppData\Local\Verlauf
2014-02-13 22:52 - 2014-02-13 21:40 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-13 21:19 - 2014-02-13 21:18 - 00000109 _____ () C:\Users\ml\Documents\mwb-am.TXT
2014-02-12 19:55 - 2012-07-05 16:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-12 19:10 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-12 18:43 - 2014-02-11 21:51 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-11 22:41 - 2014-02-11 22:41 - 04745728 _____ (AVAST Software) C:\Users\ml\Downloads\aswMBR.exe
2014-02-11 22:15 - 2014-02-11 22:14 - 00267492 _____ () C:\Windows\msxml4-KB2758694-deu.LOG
2014-02-11 22:14 - 2011-04-03 13:47 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-02-11 22:08 - 2011-07-19 19:14 - 00086016 ___SH () C:\Users\ml\Documents\Thumbs.db
2014-02-11 21:56 - 2013-11-24 02:17 - 00012248 _____ () C:\Windows\IE11_main.log
2014-02-11 21:52 - 2014-02-11 21:45 - 451422799 _____ (WinFuture) C:\Users\ml\Downloads\WinFuture_7SP1_x86_UpdatePack_2.34_Januar_2014-Vollversion.exe
2014-02-11 21:50 - 2014-02-11 21:50 - 12589848 _____ (Malwarebytes Corp.) C:\Users\ml\Downloads\mbar-1.07.0.1009.exe
2014-02-11 21:50 - 2014-02-11 21:49 - 00000000 ____D () C:\Program Files\Malwarebytes_Anti-Rootkit
2014-02-11 21:25 - 2010-03-05 01:56 - 00293592 _____ () C:\Users\ml\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-11 21:13 - 2009-07-14 05:33 - 02828184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-11 21:12 - 2010-03-05 01:45 - 00234518 _____ () C:\Windows\PFRO.log
2014-02-11 20:32 - 2014-02-11 20:16 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-11 20:15 - 2014-02-11 20:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ATLAN-Microsoft-Windows-7-Professional-(32-bit).dat
2014-02-11 20:13 - 2014-02-11 20:13 - 00000000 ____D () C:\RegBackup
2014-02-11 18:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-02-11 18:44 - 2012-04-01 10:50 - 00000000 ____D () C:\Program Files\SweetIM
2014-02-11 18:23 - 2014-02-11 18:23 - 00001071 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-11 18:23 - 2014-02-11 18:17 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-11 18:20 - 2014-02-11 18:20 - 00000000 ____D () C:\Program Files\Tweaking
2014-02-09 12:25 - 2010-03-14 13:28 - 00000354 _____ () C:\Windows\Tasks\At1.job
2014-02-08 23:15 - 2014-01-10 18:09 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Awesomium
2014-02-06 19:23 - 2012-04-11 19:14 - 00000000 ____D () C:\ProgramData\Origin
2014-02-06 19:21 - 2012-04-11 19:18 - 00000000 ____D () C:\Program Files\Origin
2014-02-06 18:31 - 2014-02-06 18:31 - 00924173 _____ () C:\Users\ml\Downloads\BrMain480.exe
2014-02-06 18:24 - 2010-03-20 09:32 - 00000425 _____ () C:\Windows\BRWMARK.INI
2014-02-06 18:04 - 2013-12-16 21:18 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-02-06 11:38 - 2014-02-11 23:54 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-11 23:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-11 23:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-11 23:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-11 23:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-11 23:54 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-11 23:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-11 23:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-11 23:54 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-11 23:54 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-11 23:54 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-11 23:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-11 23:54 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-11 23:54 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:25 - 2014-02-11 23:54 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:13 - 2014-02-11 23:54 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-11 23:54 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-11 23:54 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-11 23:54 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-11 23:54 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-11 23:54 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-05 21:55 - 2012-05-14 23:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 21:55 - 2011-05-19 18:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-03 23:24 - 2010-03-05 16:33 - 00000000 ____D () C:\Users\ml\AppData\Roaming\Skype
2014-02-03 20:14 - 2010-03-06 14:47 - 00000000 ____D () C:\Users\ml\AppData\Roaming\TS3Client
2014-02-02 20:56 - 2013-10-04 19:02 - 00000000 ____D () C:\Users\ml\AppData\Local\Battle.net
2014-02-02 01:10 - 2014-02-02 01:10 - 00000000 ____D () C:\Users\ml\AppData\Local\BigHugeEngine
2014-01-30 20:41 - 2014-01-21 18:57 - 00001159 _____ () C:\Users\ml\Desktop\Amazon Cloud Player.lnk
2014-01-30 20:41 - 2014-01-21 18:57 - 00000000 ____D () C:\Users\ml\AppData\Local\Amazon Cloud Player
2014-01-29 22:08 - 2010-03-20 12:55 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-01-27 21:52 - 2014-01-26 00:41 - 00000635 _____ () C:\Users\Public\Desktop\UFO Aftershock.lnk
2014-01-26 00:47 - 2014-01-26 00:47 - 22607745 _____ () C:\Users\ml\Downloads\ufoaftershock_patch_1_2-including_previous_patch.zip
2014-01-26 00:45 - 2014-01-26 00:45 - 03123262 _____ () C:\Users\ml\Downloads\ufo_aftershock_patch_1_3.zip
2014-01-26 00:45 - 2014-01-26 00:45 - 03122287 _____ () C:\Users\ml\Downloads\Ufo-Aftershock-Patch-1.3.zip
2014-01-26 00:44 - 2014-01-26 00:44 - 02028396 _____ () C:\Users\ml\Downloads\UFO_Aftershock_v1.2.1_Patch.zip
2014-01-26 00:40 - 2010-03-05 00:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-01-21 21:29 - 2014-01-21 21:29 - 03669884 _____ () C:\Users\ml\Downloads\DarkHorizon_v1.0.6.0_Patch.zip
2014-01-20 21:46 - 2014-01-20 21:45 - 00005315 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-20 21:46 - 2013-10-17 21:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-20 21:46 - 2012-03-18 15:32 - 00000000 ____D () C:\Program Files\Java
2014-01-20 21:43 - 2010-03-14 16:43 - 00000000 ____D () C:\Users\ml\AppData\Local\Adobe
2014-01-18 18:21 - 2013-10-09 18:16 - 00000000 ____D () C:\Program Files\Hearthstone
2014-01-17 22:32 - 2013-10-04 19:02 - 00000000 ____D () C:\Program Files\Battle.net
2014-01-17 22:32 - 2012-05-14 18:11 - 00000000 ____D () C:\Program Files\Diablo III
2014-01-17 16:58 - 2012-11-21 21:56 - 00015726 _____ () C:\Users\ml\Documents\Geburtstage_Adressen.odt
2014-01-17 16:36 - 2010-03-05 01:02 - 00073312 _____ () C:\Windows\DirectX.log
2014-01-17 00:10 - 2010-03-05 01:58 - 00000000 ____D () C:\Windows\system32\directx
2014-01-17 00:09 - 2010-10-03 09:06 - 00000000 ____D () C:\Program Files\THQ

Files to move or delete:
====================
C:\Windows\Tasks\At1.job


Some content of TEMP:
====================
C:\Users\ml\AppData\Local\Temp\11-8_vista32_win7_32_dd_ccc_ocl.exe
C:\Users\ml\AppData\Local\Temp\CheatEngine63Clean.exe
C:\Users\ml\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\ml\AppData\Local\Temp\CTPBSeq.exe
C:\Users\ml\AppData\Local\Temp\devcon.exe
C:\Users\ml\AppData\Local\Temp\DivXSetup.exe
C:\Users\ml\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\ml\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\ml\AppData\Local\Temp\GdiPlus.dll
C:\Users\ml\AppData\Local\Temp\installerdll.dll
C:\Users\ml\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\ml\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ml\AppData\Local\Temp\mbam-setup.exe
C:\Users\ml\AppData\Local\Temp\MSVBVM60.DLL
C:\Users\ml\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\ml\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\ml\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\ml\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\ml\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\ml\AppData\Local\Temp\nvStInst.exe
C:\Users\ml\AppData\Local\Temp\patchw32.dll
C:\Users\ml\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\ml\AppData\Local\Temp\SIntf16.dll
C:\Users\ml\AppData\Local\Temp\SIntf32.dll
C:\Users\ml\AppData\Local\Temp\SIntfNT.dll
C:\Users\ml\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ml\AppData\Local\Temp\tmp4CE7.exe
C:\Users\ml\AppData\Local\Temp\tmp508F.exe
C:\Users\ml\AppData\Local\Temp\tmp5F8D.exe
C:\Users\ml\AppData\Local\Temp\tmp61AF.exe
C:\Users\ml\AppData\Local\Temp\tmp7010.exe
C:\Users\ml\AppData\Local\Temp\tmp96A3.exe
C:\Users\ml\AppData\Local\Temp\Uninst.exe
C:\Users\ml\AppData\Local\Temp\_is77CF.exe
C:\Users\ml\AppData\Local\Temp\_isE495.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 13:54

==================== End Of Log ============================
         
--- --- ---




Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2014 01
Ran by ml at 2014-02-15 22:31:35
Running from C:\Users\ml\Desktop\logs
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

[translation missing: EVERemoveOnly] (Version:  - CCP Games Ltd.)
Adobe AIR (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Director 11.5 (Version: 11.5 - Adobe Systems Incorporated)
Adobe Director 11.5 (Version: 11.5 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (Version: 1.1 - Adobe Systems Incorporated)
Adobe Output Module (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) - Deutsch (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Search for Help (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.5 (Version: 11.5.6.606 - Adobe Systems, Inc.)
Adobe Type Support CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (Version: 2.0 - Adobe Systems Incorporated) Hidden
Age of Empires Online (Version:  - Microsoft)
Amazon Cloud Player (HKCU Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
AMD GPU Clock Tool (Version: 0.9.26.0 - Advanced Micro Devices Inc.)
AMD OverDrive (Version: 3.2.1.0439 - Advanced Micro Devices, Inc.)
Apple Application Support (Version: 2.3 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.35 - Atheros Communications Inc.)
Bastion (Version:  - Supergiant Games)
Battle.net (Version:  - Blizzard Entertainment)
Binary Domain (Version:  - Sega)
BioShock 2 (Version:  - 2K Games)
BitTorrent (Version: 6.4.0 - BitTorrent, Inc)
Brother MFL-Pro Suite MFC-260C (Version: 1.0.2.0 - Brother Industries, Ltd.)
Brütal Legend (Version:  - Double Fine Productions)
Bundled software uninstaller (Version:  - ) <==== ATTENTION
Catalyst Control Center InstallProxy (Version: 2012.0309.43.976 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.3 (Version:  - Cheat Engine)
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Corsair M90 Firmware Update Application (Version:  - )
Corsair M90 Maustreiber V1.0 (Version: 1.00.00.25 - )
Creative ALchemy (Version: 1.41 - Creative Technology Limited)
Creative Audio-Systemsteuerung (Version: 2.00 - Creative Technology Limited)
Creative Konsole Starter (Version:  - Creative Technology Limited)
Creative Live! Cam Center (Version:  - )
Creative Live! Cam Vista IM Driver (1.10.04.00) (Version:  - )
Creative MediaSource 5 (Version: 5.00 - )
Creative Software AutoUpdate (Version: 1.40 - Creative Technology Limited)
Creative WaveStudio 7 (Version: 7.14 - Creative Technology Limited)
CrystalDiskInfo 4.1.4 (Version: 4.1.4 - Crystal Dew World)
Dark Horizon (Version:  - Paradox Interactive)
Darksiders II (Version:  - Vigil Games)
DarksidersInstaller (Version: 1.00.1000 - Ihr Firmenname)
Dead Space™ 2 (Version: 1.0.941.0 - Electronic Arts)
Deus Ex: Human Revolution - The Missing Link (Version:  - Eidos Montreal)
Deus Ex: Human Revolution (Version:  - Eidos Montreal)
Devil May Cry 4 (Version:  - Capcom)
Diablo III (Version:  - Blizzard Entertainment)
Disciples III: Renaissance (Version:  - Akella)
Dishonored (Version: 1.0 - Bethesda Softworks)
DivX Converter (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (Version:  - DivX, Inc.)
DivX Version Checker (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (Version: 2.6.1.44 - DivX, LLC)
Duke Nukem Forever (Version:  - Gearbox Software)
Eigenschaften von Creative Sound Blaster (Version: 1.02 - Creative Technology Limited)
ElsterFormular (Version: 14.1.11318 - Landesfinanzdirektion Thüringen)
Endless Space (Version:  - Amplitude Studios)
Essential XML Editor (Version:  - Dieter Köhler)
Essential XML Editor (Version: 1.6.4 - Dieter Köhler) Hidden
Etron USB3.0 Host Controller (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (Version: 0.96 - Etron Technology) Hidden
EVEREST Home Edition v2.20 (Version: 2.20 - Lavalys Inc)
EVGA Precision 2.0.4 (Version: 2.0.4 - EVGA Corporation)
Fallout: New Vegas (Version:  - Bethesda Softworks)
Far Cry 2 (Version:  - Ubisoft Montreal)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2 - FileZilla Project)
Fraps (Version:  - )
GECK - New Vegas Edition (Version:  - )
GPGNet (Version: 1.0.0 - Gas Powered Games)
HiSuite (Version: 32.610.20.00.06 - Huawei Technologies Co.,Ltd)
Hydrophobia: Prophecy (Version:  - Dark Energy Digital)
Impulse (Version: 1.0 - Stardock Corporation) Hidden
Impulse (Version: 1.0 - Stardock)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 29 (Version: 6.0.290 - Oracle)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2012 (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (Version: 12.0.0.374 - Kaspersky Lab) Hidden
Kingdoms of Amalur: Reckoning™ (Version:  - Big Huge Games)
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
Legendary (Version:  - Gamecock)
LOST PLANET 2 (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mass Effect (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 2 (Version: 1.01 - Electronic Arts, Inc.)
Mass Effect™ 3 (Version: 1.05.0.0 - Electronic Arts)
MechWarrior Online (HKCU Version: 1.2.0.0 - Piranha Games Inc.)
MechWarrior Online (Version: 1.2.0.0 - Piranha Games Inc.) Hidden
Metro 2033 (Version:  - THQ)
Microsoft .NET Framework 1.1 (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0 - Microsoft Corporation)
Might & Magic Heroes VI (Version: 1.1.1 - Ubisoft)
Mozilla Firefox 27.0 (x86 de) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (Version: 27.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (Version: 24.3.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.115.743 - NVIDIA Corporation) Hidden
NVIDIA Performance (Version: 6.5 - NVIDIA Corporation)
NVIDIA Performance (Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1422 - NVIDIA Corporation) Hidden
NVIDIA System Monitor (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
NVIDIA Update 1.12.12 (Version: 1.12.12 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden
OpenAL (Version:  - )
OpenOffice.org 3.3 (Version: 3.3.9567 - OpenOffice.org)
Origin (Version: 8.5.2.23 - Electronic Arts, Inc.)
Overlord II (Version:  - Codemasters)
oZone3D.Net FurMark v1.8.2 (Version:  - oZone3D.Net)
Pando Media Booster (Version: 2.3.6.0 - Pando Networks Inc.)
PC Connectivity Solution (Version: 8.15.0.0 - Nokia)
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Pflanzen gegen Zombies Version 1.0.4.7924 (Version: 1.0.4.7924 - UGP)
Pharao (Version:  - )
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
Portal (Version:  - Valve)
Portal 2 (Version:  - Valve)
PSPad editor (Version:  - Jan Fiala)
PunkBuster Services (Version: 0.986 - Even Balance, Inc.)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
RAGE (Version:  - id Software)
Realtek Ethernet Controller  Driver (Version: 1.00.0008 - Realtek)
Red Faction Guerrilla (Version: 1.00.0000 - Volition Inc.)
Red Faction Guerrilla (Version: 1.00.0000 - Volition Inc.) Hidden
Red Faction: Armageddon (Version:  - Volition)
Rise of the Triad (Version:  - Interceptor Entertainment)
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
Saitek SD6 Programming Software 6.7.5.2 (Version: 6.7.5.2 - Saitek)
Samsung Mobile phone USB driver Drive Software (Version:  - )
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (Version: 6.83.6.2.1 - Samsung)
Scan2PDF 1.6 (Version:  - Koma-Code)
Sine Mora (Version:  - )
Sins of a Solar Empire - Diplomacy (Version:  - Stardock Corporation)
Sins of a Solar Empire - Entrenchment (Version:  - Stardock Corporation)
Sins of a Solar Empire (Version:  - Stardock Corporation)
Sins of a Solar Empire: Rebellion Beta (Version:  - )
Skype Click to Call (Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
Sound Blaster X-Fi (Version: 1.0 - )
Star Conflict (Version:  - )
Star Wars(TM): Knights of the Old Republic (TM) (Version:  - )
Steam (Version: 1.0.0.0 - Valve Corporation)
Strike Suit Zero (Version:  - )
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
SweetIM for Messenger 3.6 (Version: 3.6.0007 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetPacks Toolbar for Internet Explorer 4.4 (Version: 4.4.0001 - SweetIM Technologies Ltd.) <==== ATTENTION
TeamSpeak 2 RC2 (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (Version: 9.0.24951 - TeamViewer)
The Bureau: XCOM Declassified (Version:  - 2K Marin)
The Elder Scrolls Online Beta (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (Version:  - Bethesda Game Studios)
Thief - Deadly Shadows (Version: 1.0 - )
Tomb Raider (Version:  - Crystal Dynamics)
Tweaking.com - Windows Repair (All in One) (Version: 2.3.0 - Tweaking.com)
Ubisoft Game Launcher (Version: 1.0.0.0 - UBISOFT)
UFO Aftermath (Version: 1.4 - )
UFO Aftershock (Version: 1.0 - )
UFO Aftershock Patch 1.2.1 (Version:  - 1C Publishing EU)
UFO: Afterlight (Version:  - Altar Games)
Uniblue DriverScanner (Version: 4.0.3.4 - Uniblue Systems Ltd)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update Manager B09.0908.1 (Version: 1.00.0000 - GIGABYTE)
Update Manager B09.0908.1 (Version: 1.00.0000 - GIGABYTE) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.8 (Version: 2.0.8 - VideoLAN)
Warhammer 40,000 Space Marine (Version:  - Relic)
Warhammer® 40,000®: Dawn of War® II – Retribution™ (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II (Version:  - Relic)
WinAce Archiver (Version: 2.69 - e-merge GmbH)
Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR (Version:  - )
World of Logs Client (4.2) (HKCU Version:  - Digibites Technology)
World of Warcraft (Version:  - Blizzard Entertainment)
XCOM: Enemy Unknown (Version:  - Firaxis Games)

==================== Restore Points  =========================

11-02-2014 17:14:59 Windows Update
11-02-2014 19:13:31 Tweaking.com - Windows Repair
11-02-2014 22:40:54 Windows Update
12-02-2014 19:46:59 Malwarebytes Anti-Rootkit Restore Point
15-02-2014 21:17:51 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2014-02-11 20:29 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1550374E-B1F1-438A-9332-79E0ACA35FB7} - \At1 No Task File
Task: {2EC1CB48-68BF-4F58-AB5A-016EE4A259D2} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe [2011-10-20] (Uniblue Systems Limited)
Task: {45FD44A8-359B-433D-B834-D0888E959F68} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {99344698-6568-444F-9F70-24F618621AF1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CA5BEFE0-E91B-41B4-A3FB-B808E63B79FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\Windows\system32\compaact.exe
Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

==================== Loaded Modules (whitelisted) =============

2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Program Files\FileZilla\fzshellext.dll
2010-03-08 23:12 - 2010-03-15 10:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2010-03-05 01:03 - 2009-02-06 17:52 - 00073728 _____ () C:\Windows\SYSTEM32\CmdRtr.DLL
2010-03-05 01:03 - 2009-03-26 13:46 - 00148480 _____ () C:\Windows\SYSTEM32\APOMngr.DLL
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2012-07-10 19:22 - 2012-05-14 11:43 - 00043008 _____ () C:\Maus_M90\hidGetKey.dll
2013-02-13 03:37 - 2013-02-13 03:37 - 01263952 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2010-03-05 01:04 - 2006-06-09 14:20 - 00003072 _____ () C:\Windows\CTXFIGER.DLL
2011-01-01 10:54 - 2011-08-27 00:16 - 03077528 _____ () C:\Program Files\Pando Networks\Media Booster\PMB.exe
2013-07-11 15:46 - 2013-07-11 15:46 - 00583488 _____ () C:\Program Files\HiSuite\HiSuite.exe
2013-07-11 15:47 - 2013-07-11 15:47 - 00634176 _____ () C:\Program Files\HiSuite\core.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00302912 _____ () C:\Program Files\HiSuite\sdk.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00017832 _____ () C:\Program Files\HiSuite\mingwm10.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00049472 _____ () C:\Program Files\HiSuite\libgcc_s_dw2-1.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 02421568 _____ () C:\Program Files\HiSuite\QtCore4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00911168 _____ () C:\Program Files\HiSuite\QtNetwork4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 07723328 _____ () C:\Program Files\HiSuite\QtGui4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 12326208 _____ () C:\Program Files\HiSuite\QtWebKit4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00262464 _____ () C:\Program Files\HiSuite\phonon4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00855872 _____ () C:\Program Files\HiSuite\Proxy.DLL
2013-07-11 15:47 - 2013-07-11 15:47 - 00764224 _____ () C:\Program Files\HiSuite\Common.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00535360 _____ () C:\Program Files\HiSuite\Trace.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00596288 _____ () C:\Program Files\HiSuite\PluginContainer.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 01475392 _____ () C:\Program Files\HiSuite\AtComm.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00759616 _____ () C:\Program Files\HiSuite\AddrBookSrvPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00751424 _____ () C:\Program Files\HiSuite\vCardvCalPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00105792 _____ () C:\Program Files\HiSuite\CryptPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00586560 _____ () C:\Program Files\HiSuite\CalendarPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00558400 _____ () C:\Program Files\HiSuite\XCodec.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00953664 _____ () C:\Program Files\HiSuite\DeviceAppPlugin.dll
2013-07-11 15:46 - 2013-07-11 15:46 - 00635200 _____ () C:\Program Files\HiSuite\ADB.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00504640 _____ () C:\Program Files\HiSuite\OSPowerMgr.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00768832 _____ () C:\Program Files\HiSuite\XObex.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00070976 _____ () C:\Program Files\HiSuite\obex.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00613184 _____ () C:\Program Files\HiSuite\ADBAdapt.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00637760 _____ () C:\Program Files\HiSuite\OSAdapt.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00108864 _____ () C:\Program Files\HiSuite\SmsSrvPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00687936 _____ () C:\Program Files\HiSuite\SmsAppPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00844608 _____ () C:\Program Files\HiSuite\SyncPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00540480 _____ () C:\Program Files\HiSuite\APKManagerPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00572736 _____ () C:\Program Files\HiSuite\MusicPlaySrvPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00551744 _____ () C:\Program Files\HiSuite\ImageMgrSrvPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00089408 _____ () C:\Program Files\HiSuite\plugins\imageformats\qgif4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00088384 _____ () C:\Program Files\HiSuite\plugins\imageformats\qico4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00198464 _____ () C:\Program Files\HiSuite\plugins\imageformats\qjpeg4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00357184 _____ () C:\Program Files\HiSuite\plugins\imageformats\qmng4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00078656 _____ () C:\Program Files\HiSuite\plugins\imageformats\qsvg4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00305984 _____ () C:\Program Files\HiSuite\QtSvg4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00376640 _____ () C:\Program Files\HiSuite\plugins\imageformats\qtiff4.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00253248 _____ () C:\Program Files\HiSuite\XFramePlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00332096 _____ () C:\Program Files\HiSuite\QtXml4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00222016 _____ () C:\Program Files\HiSuite\QtSql4.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00147264 _____ () C:\Program Files\HiSuite\StatusBarMgrPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 01233216 _____ () C:\Program Files\HiSuite\AddrBookUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00208704 _____ () C:\Program Files\HiSuite\SettingUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00170304 _____ () C:\Program Files\HiSuite\RelationPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 01483072 _____ () C:\Program Files\HiSuite\SMSUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00598336 _____ () C:\Program Files\HiSuite\CalendarUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00273216 _____ () C:\Program Files\HiSuite\TaskUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00222528 _____ () C:\Program Files\HiSuite\DownLoadPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00106816 _____ () C:\Program Files\HiSuite\NotifyServicePlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 01455936 _____ () C:\Program Files\HiSuite\ImExportUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00159040 _____ () C:\Program Files\HiSuite\GmailOperation.DLL
2013-07-11 15:48 - 2013-07-11 15:48 - 00993600 _____ () C:\Program Files\HiSuite\libxml2.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00084288 _____ () C:\Program Files\HiSuite\zlib1.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00211264 _____ () C:\Program Files\HiSuite\Outlook.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00137536 _____ () C:\Program Files\HiSuite\OutlookExpress.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00119616 _____ () C:\Program Files\HiSuite\LayoutPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00227136 _____ () C:\Program Files\HiSuite\ModuleTreePlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00274752 _____ () C:\Program Files\HiSuite\HomeUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00897344 _____ () C:\Program Files\HiSuite\AppManagerUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 01560896 _____ () C:\Program Files\HiSuite\QtScript4.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 01182528 _____ () C:\Program Files\HiSuite\MusicMgrUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00713024 _____ () C:\Program Files\HiSuite\ImageMgrUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00239424 _____ () C:\Program Files\HiSuite\ScreenShotUIPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 02308928 _____ () C:\Program Files\HiSuite\UpdateUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00087360 _____ () C:\Program Files\HiSuite\HWEMUIEditToolsUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00083264 _____ () C:\Program Files\HiSuite\LogoPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 00916288 _____ () C:\Program Files\HiSuite\DeviceMgrUIPlugin.dll
2013-07-11 15:49 - 2013-07-11 15:49 - 00552768 _____ () C:\Program Files\HiSuite\SyncUIPlugin.dll
2013-07-11 15:47 - 2013-07-11 15:47 - 02282304 _____ () C:\Program Files\HiSuite\BackUpUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00203584 _____ () C:\Program Files\HiSuite\MenuMgrPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00364864 _____ () C:\Program Files\HiSuite\WebKitUIPlugin.dll
2013-07-11 15:48 - 2013-07-11 15:48 - 00171328 _____ () C:\Program Files\HiSuite\KuwoWebUIPlugin.dll
2013-07-11 15:50 - 2013-07-11 15:50 - 00832320 _____ () C:\Program Files\HiSuite\UpdateSrvPlugin.dll
2014-01-21 18:57 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\ml\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-10-22 22:42 - 2013-07-11 15:50 - 00821568 _____ () C:\Users\ml\AppData\Local\HiSuite\userdata\hwtools\hwtransport.exe
2014-02-15 12:16 - 2014-02-06 18:04 - 03583600 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2014 10:26:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ProfilerU.exe, Version: 6.7.5.2, Zeitstempel: 0x4aaa3efd
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00381874
ID des fehlerhaften Prozesses: 0x105c
Startzeit der fehlerhaften Anwendung: 0xProfilerU.exe0
Pfad der fehlerhaften Anwendung: ProfilerU.exe1
Pfad des fehlerhaften Moduls: ProfilerU.exe2
Berichtskennung: ProfilerU.exe3

Error: (02/15/2014 10:01:14 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154, Klasse nicht registriert
.


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {828bf9ee-08b7-401d-b79d-69d30233d473}

Error: (02/15/2014 10:01:14 PM) (Source: VSS) (User: )
Description: Fehler im Volumenschattenkopie-Dienst: Eine vom Volumenschattenkopie-Dienst benötigte kritische Komponente ist nicht registriert.
Dies kann geschehen, wenn bei der Windows-Installation oder bei der Installation eines Schattenkopieanbieters ein Fehler aufgetreten ist.
Der von CoCreateInstance für die Klasse mit CLSID "{4e14fba2-2e22-11d1-9964-00c04fbbb345}" und dem Namen "CEventSystem" zurückgegebene Fehler ist [0x80040154, Klasse nicht registriert
].


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {828bf9ee-08b7-401d-b79d-69d30233d473}

Error: (02/15/2014 10:01:14 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.MapPI> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	(HRESULT : 0x80040154) (0x80040154)

Error: (02/15/2014 10:01:06 PM) (Source: SecurityCenter) (User: )
Description: Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antiviren, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen.

Error: (02/15/2014 09:42:47 PM) (Source: WinMgmt) (User: )
Description: 0x80041014

Error: (02/15/2014 09:42:42 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	(HRESULT : 0x80040154) (0x80040154)

Error: (02/15/2014 09:42:42 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	(HRESULT : 0x80040154) (0x80040154)

Error: (02/15/2014 09:42:42 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	(HRESULT : 0x80040154) (0x80040154)

Error: (02/15/2014 09:42:39 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.MapPI> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	(HRESULT : 0x80040154) (0x80040154)


System errors:
=============
Error: (02/15/2014 10:25:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (02/15/2014 10:11:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (02/15/2014 10:01:22 PM) (Source: DCOM) (User: )
Description: {DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (02/15/2014 10:00:54 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Skype Updater erreicht.

Error: (02/15/2014 10:00:53 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Center-Planerdienst erreicht.

Error: (02/15/2014 10:00:53 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Center-Empfängerdienst erreicht.

Error: (02/15/2014 10:00:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (02/15/2014 10:00:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" ist vom Dienst "COM+-Ereignissystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (02/15/2014 10:00:53 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{89115307-8248-448F-ADA0-F3F3718A9B2A}Nicht verfügbarNT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (02/15/2014 10:00:53 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{89115307-8248-448F-ADA0-F3F3718A9B2A}Nicht verfügbarNT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (02/15/2014 10:26:11 PM) (Source: Application Error)(User: )
Description: ProfilerU.exe6.7.5.24aaa3efdunknown0.0.0.000000000c000000500381874105c01cf2a94884c3a3fC:\Program Files\Saitek\SD6\Software\ProfilerU.exeunknownca27f059-9687-11e3-99e6-bc5ff40f2dd2

Error: (02/15/2014 10:01:14 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040154, Klasse nicht registriert


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {828bf9ee-08b7-401d-b79d-69d30233d473}

Error: (02/15/2014 10:01:14 PM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80040154, Klasse nicht registriert


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {828bf9ee-08b7-401d-b79d-69d30233d473}

Error: (02/15/2014 10:01:14 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	(HRESULT : 0x80040154) (0x80040154)
Search.MapPI

Error: (02/15/2014 10:01:06 PM) (Source: SecurityCenter)(User: )
Description: 

Error: (02/15/2014 09:42:47 PM) (Source: WinMgmt)(User: )
Description: 0x80041014

Error: (02/15/2014 09:42:42 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	(HRESULT : 0x80040154) (0x80040154)

Error: (02/15/2014 09:42:42 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
	(HRESULT : 0x80040154) (0x80040154)

Error: (02/15/2014 09:42:42 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	(HRESULT : 0x80040154) (0x80040154)

Error: (02/15/2014 09:42:39 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	(HRESULT : 0x80040154) (0x80040154)
Search.MapPI


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 3323.64 MB
Available physical RAM: 1441.06 MB
Total Pagefile: 6645.58 MB
Available Pagefile: 4453.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:225.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 08C308C2)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
GMER:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-15 22:50:25
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST1000DM003-1CH162 rev.CC44 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\ml\AppData\Local\Temp\axldrpow.sys


---- System - GMER 2.1 ----

SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwAdjustPrivilegesToken [0x92472392]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwAlpcConnectPort [0x9248D24A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwAlpcCreatePort [0x9248D580]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwAlpcSendWaitReceivePort [0x9248D8F6]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwClose [0x92472E0C]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwConnectPort [0x9248CF32]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateEvent [0x9247337E]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateMutant [0x9247326C]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreatePort [0x9248D3F0]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateSection [0x9247214E]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateSemaphore [0x92473496]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateThread [0x924729C2]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateThreadEx [0x92472B32]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateUserProcess [0x924735AE]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwCreateWaitablePort [0x9248D4B8]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwDebugActiveProcess [0x92473856]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwDeviceIoControlFile [0x92472E4E]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwDuplicateObject [0x92474858]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwLoadDriver [0x92473948]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwMapViewOfSection [0x92473EB4]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwNotifyChangeKey [0x9248B722]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwOpenEvent [0x92473410]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwOpenMutant [0x924732F8]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwOpenProcess [0x924725CC]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwOpenSection [0x92473C98]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwOpenSemaphore [0x92473528]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwOpenThread [0x924724C0]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwQueryDirectoryObject [0x92473664]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwQueryObject [0x9248B91A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwQuerySection [0x924741DA]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwQueueApcThread [0x92473AE8]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwReplyPort [0x9248D6E4]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwReplyWaitReceivePort [0x9248D632]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwRequestWaitReplyPort [0x9248D750]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwResumeThread [0x924746FA]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwSecureConnectPort [0x9248D0BA]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwSetContextThread [0x92472CAC]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwSetInformationToken [0x92473702]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwSetSystemInformation [0x9247432A]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwSuspendProcess [0x9247441E]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwSuspendThread [0x92474558]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwSystemDebugControl [0x92473778]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwTerminateProcess [0x9247276C]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwTerminateThread [0x924726C2]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwUnmapViewOfSection [0x92474092]
SSDT   \SystemRoot\system32\DRIVERS\klif.sys                                                                                 ZwWriteVirtualMemory [0x92472858]

---- Kernel code sections - GMER 2.1 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                              83A5AA15 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                83A94212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 10D7                                                                                   83A9B46C 4 Bytes  [92, 23, 47, 92] {XCHG EDX, EAX; AND EAX, [EDI-0x6e]}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 10FF                                                                                   83A9B494 8 Bytes  [4A, D2, 48, 92, 80, D5, 48, ...] {DEC EDX; ROR [EAX-0x6e], CL; ADC CH, 0x48; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1143                                                                                   83A9B4D8 4 Bytes  [F6, D8, 48, 92] {NEG AL; DEC EAX; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 116F                                                                                   83A9B504 4 Bytes  [0C, 2E, 47, 92] {OR AL, 0x2e; INC EDI; XCHG EDX, EAX}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1193                                                                                   83A9B528 4 Bytes  [32, CF, 48, 92] {XOR CL, BH; DEC EAX; XCHG EDX, EAX}
.text  ...                                                                                                                   
.text  C:\Windows\system32\DRIVERS\atksgt.sys                                                                                section is writeable [0xAB829300, 0x3B6D8, 0xE8000020]
.text  C:\Windows\system32\DRIVERS\lirsgt.sys                                                                                section is writeable [0xAB86C300, 0x1BEE, 0xE8000020]

---- User code sections - GMER 2.1 ----

?      C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[332] C:\Windows\SYSTEM32\ntdll.dll            time/date stamp mismatch; 
.text  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[332] ntdll.dll!NtProtectVirtualMemory         77AF5F58 5 Bytes  JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll
?      C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[332] C:\Windows\system32\kernel32.dll         time/date stamp mismatch; unknown module: KERNELBASE.dll
.text  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[332] USER32.dll!NotifyWinEvent + 6AE          75F5D66C 4 Bytes  [E0, 13, 54, 67]
.text  C:\Program Files\Pando Networks\Media Booster\PMB.exe[4176] kernel32.dll!SetUnhandledExceptionFilter                  769BF4EB 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
?      C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[4592] C:\Windows\SYSTEM32\ntdll.dll           time/date stamp mismatch; 
.text  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[4592] ntdll.dll!NtProtectVirtualMemory        77AF5F58 5 Bytes  JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll
?      C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[4592] C:\Windows\system32\kernel32.dll        time/date stamp mismatch; unknown module: KERNELBASE.dll
.text  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[4592] USER32.dll!NotifyWinEvent + 6AE         75F5D66C 4 Bytes  [E0, 13, 54, 67]
.text  C:\Program Files\Mozilla Firefox\firefox.exe[4936] ntdll.dll!LdrGetProcedureAddress + 26                              77B122A9 7 Bytes  JMP 716F1FFD C:\Program Files\Mozilla Firefox\mozglue.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[4936] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D                      769B941E 7 Bytes  JMP 63DA09D3 C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[4936] kernel32.dll!QueryPerformanceCounter + 13                          769BC425 7 Bytes  JMP 63DA098B C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[4936] kernel32.dll!LoadAppInitDlls + 355                                 769BF4E6 7 Bytes  JMP 639B5CC6 C:\Program Files\Mozilla Firefox\xul.dll
.text  C:\Program Files\Mozilla Firefox\firefox.exe[4936] GDI32.dll!GetViewportOrgEx + 26C                                   77BF884B 7 Bytes  JMP 63DA09FA C:\Program Files\Mozilla Firefox\xul.dll

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                          0x20 0x01 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                       0x0F 0x68 0xFB 0x75 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                      
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                0x4E 0x7F 0x91 0x7F ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)         
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                              0x20 0x01 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                           0x0F 0x68 0xFB 0x75 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)  
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                    0x4E 0x7F 0x91 0x7F ...

---- EOF - GMER 2.1 ----
         
At the moment I don't know what else to do. I hope you can help me.

 
