FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Nicii (ATTENTION: The logged in user is not administrator) on USER-PC on 06-02-2014 17:18:50
Running from C:\Users\Nicii\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Systweak Inc) C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Spotify Ltd) C:\Users\Nicii\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Nicii\AppData\Roaming\Spotify\spotify.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Facebook) C:\Users\Nicii\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(SAMSUNG ELECTRONICS) C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Nicii\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
() C:\Users\Nicii\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nicii\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nicii\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Nicii\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10372368 2011-03-30] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12661352 2011-08-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SMSTray] - C:\Program Files (x86)\Samsung\Samsung Media Studio 5\SMSTray.exe [132624 2007-12-14] (SAMSUNG ELECTRONICS)
HKLM-x32\...\Run: [Iminent] - C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-01-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-01-25] (Iminent)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKLM-x32\...\RunOnce: [SPUpdSentinel] - "C:\Program Files (x86)\Common Files\Umbrella\umbrella_bkp.exe" -SERVICEARGS=c [2894144 2013-11-11] (Iminent)
HKLM-x32\...\Runonce: [Del1584673] - cmd.exe /Q /D /c del "C:\Users\User\AppData\Local\Temp\0.del" [X]
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-784739313-2177059454-3529121170-1002\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-10-16] (Google Inc.)
HKU\S-1-5-21-784739313-2177059454-3529121170-1002\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\S-1-5-21-784739313-2177059454-3529121170-1002\...\Run: [Spotify Web Helper] - C:\Users\Nicii\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-16] (Spotify Ltd)
HKU\S-1-5-21-784739313-2177059454-3529121170-1002\...\Run: [Facebook Update] - C:\Users\Nicii\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-03] (Facebook Inc.)
HKU\S-1-5-21-784739313-2177059454-3529121170-1002\...\Run: [Spotify] - C:\Users\Nicii\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-16] (Spotify Ltd)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1350944 2014-02-03] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1046816 2014-02-03] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => File Not Found
Startup: C:\Users\Nicii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Nicii\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\Nicii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d1237141-d41b-ce7e-667c-57a16086ecd0&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/08/2013&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d1237141-d41b-ce7e-667c-57a16086ecd0&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/08/2013&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,start page = about:blank
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d1237141-d41b-ce7e-667c-57a16086ecd0&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/08/2013&type=hp1000
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d1237141-d41b-ce7e-667c-57a16086ecd0&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=25/08/2013&type=hp1000
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - No File
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (SIEN)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Nicii\AppData\Roaming\Mozilla\Firefox\Profiles\goo5etm1.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Nicii\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Extension: No Name - C:\Users\Nicii\AppData\Roaming\Mozilla\Firefox\Profiles\goo5etm1.default\Extensions\staged [2014-02-01]
FF Extension: Iminent - C:\Users\Nicii\AppData\Roaming\Mozilla\Firefox\Profiles\goo5etm1.default\Extensions\webbooster@iminent.com.xpi [2014-01-23]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Virtuelle Tastatur - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru [2013-04-19]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru [2013-04-19]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru [2013-04-19]
FF HKCU\...\Firefox\Extensions: [happylyrics@hpyproductions.net] - C:\Program Files (x86)\HappyLyrics\FF\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Skype Click to Call) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Extension: (Lila Blüten(Non-Aero)) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\apifmdobolibbidmcdlofnnenabonodd [2014-01-02]
CHR Extension: (YouTube) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-18]
CHR Extension: (Google-Suche) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-18]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-04-19]
CHR Extension: (AdBlock) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-01]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-04-19]
CHR Extension: (Skype Click to Call) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-10-18]
CHR Extension: (Google Wallet) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Mail) - C:\Users\Nicii\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-18]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\urladvisor.crx [2012-08-30]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\virtkbd.crx [2012-08-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ChromeExt\ab.crx [2012-08-30]
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe [202328 2012-08-30] (Kaspersky Lab ZAO)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2317600 2014-02-03] (Conduit)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992 2009-12-21] (Infowatch)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] ()
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2905408 2013-11-21] (Iminent)
S2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] ()
==================== Drivers (Whitelisted) ====================
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [85048 2009-12-14] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66104 2009-12-14] (Infowatch)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2011-08-10] (ITE )
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458032 2011-10-20] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [13616 2011-10-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [636760 2013-04-19] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mod7764; C:\Windows\System32\DRIVERS\mod77-64.sys [1077416 2010-09-16] (DiBcom SA)
S3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 17:18 - 2014-02-06 17:19 - 00025845 _____ () C:\Users\Nicii\Downloads\FRST.txt
2014-02-06 17:18 - 2014-02-06 17:18 - 02082304 _____ (Farbar) C:\Users\Nicii\Downloads\FRST64.exe
2014-02-06 16:29 - 2014-02-06 16:29 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-06 16:29 - 2014-02-06 16:29 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Malwarebytes
2014-02-06 16:29 - 2014-02-06 16:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-06 16:29 - 2014-02-06 16:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-06 16:29 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-06 16:16 - 2014-02-06 16:18 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicii\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-06 15:55 - 2014-02-06 16:03 - 00001426 _____ () C:\Users\Nicii\Desktop\Registry kostenlos entrümpeln!.lnk
2014-02-04 20:16 - 2014-02-05 20:33 - 00027868 _____ () C:\Users\Nicii\Documents\Karikatur PoWi.odt
2014-01-31 23:59 - 2014-01-31 23:59 - 00000000 ____D () C:\Users\Nicii\AppData\Local\Macromedia
2014-01-30 22:11 - 2014-01-30 22:15 - 30552288 _____ () C:\Users\Nicii\Downloads\KnuddelsJavaUpdater.exe
2014-01-28 23:29 - 2014-02-06 17:18 - 00000000 ____D () C:\FRST
2014-01-23 20:13 - 2014-01-23 20:24 - 05275648 _____ () C:\Users\Nicii\Downloads\video verusch 3.wmv
2014-01-23 20:10 - 2014-01-23 20:10 - 00000000 ____D () C:\Users\Nicii\voip
2014-01-23 20:06 - 2014-01-23 20:13 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\ICQ-Profile
2014-01-21 00:33 - 2014-01-21 00:33 - 00000000 ____D () C:\Users\Nicii\AppData\Local\Mozilla
2014-01-20 21:59 - 2014-01-20 21:59 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Systweak
2014-01-19 22:10 - 2014-01-19 22:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 22:10 - 2014-01-19 22:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-19 15:57 - 2014-01-19 15:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-19 15:57 - 2014-01-19 15:56 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-19 15:56 - 2014-01-19 15:56 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-19 15:56 - 2014-01-19 15:56 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-19 15:56 - 2014-01-19 15:56 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-19 14:23 - 2014-01-20 23:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-01-19 14:18 - 2014-01-25 23:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-18 19:56 - 2014-01-30 18:33 - 00026042 _____ () C:\Users\Nicii\Documents\Praktikumsbericht.odt
2014-01-18 00:18 - 2014-02-02 20:09 - 00009031 _____ () C:\Users\Nicii\daemonprocess.txt
2014-01-16 21:04 - 2014-01-21 00:33 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Mozilla
2014-01-16 21:04 - 2014-01-16 21:04 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-16 21:02 - 2014-02-06 17:02 - 00000288 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-01-16 21:02 - 2014-02-05 21:02 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-01-16 21:02 - 2014-02-02 23:08 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-01-16 21:02 - 2014-02-02 15:01 - 00000274 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-01-16 21:01 - 2014-02-02 23:07 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-01-16 21:01 - 2014-01-16 21:01 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-01-16 21:01 - 2013-12-27 18:10 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-01-16 20:57 - 2014-02-02 18:14 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-01-15 20:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:23 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:23 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 20:20 - 2014-01-15 20:20 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-01-09 00:24 - 2014-01-09 00:24 - 00000000 ____D () C:\Users\Nicii\AppData\Local\SearchProtect
2014-01-09 00:23 - 2014-02-03 19:05 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-01-08 13:24 - 2014-01-08 13:24 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-01-08 13:24 - 2014-01-08 13:24 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
==================== One Month Modified Files and Folders =======
2014-02-06 17:19 - 2014-02-06 17:18 - 00025845 _____ () C:\Users\Nicii\Downloads\FRST.txt
2014-02-06 17:18 - 2014-02-06 17:18 - 02082304 _____ (Farbar) C:\Users\Nicii\Downloads\FRST64.exe
2014-02-06 17:18 - 2014-01-28 23:29 - 00000000 ____D () C:\FRST
2014-02-06 17:17 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 17:17 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 17:02 - 2014-01-16 21:02 - 00000288 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-02-06 16:59 - 2013-04-12 18:46 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Spotify
2014-02-06 16:58 - 2013-04-19 17:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-06 16:51 - 2012-10-28 13:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 16:48 - 2012-10-16 12:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 16:48 - 2012-10-16 12:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 16:36 - 2013-09-03 18:31 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-784739313-2177059454-3529121170-1002UA.job
2014-02-06 16:29 - 2014-02-06 16:29 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-06 16:29 - 2014-02-06 16:29 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Malwarebytes
2014-02-06 16:29 - 2014-02-06 16:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-06 16:29 - 2014-02-06 16:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-06 16:18 - 2014-02-06 16:16 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nicii\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-06 16:11 - 2013-09-01 09:51 - 01829883 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 16:03 - 2014-02-06 15:55 - 00001426 _____ () C:\Users\Nicii\Desktop\Registry kostenlos entrümpeln!.lnk
2014-02-06 16:02 - 2013-09-01 09:46 - 00027013 _____ () C:\Windows\setupact.log
2014-02-06 16:02 - 2011-08-10 20:14 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-06 16:02 - 2010-11-21 04:47 - 00507572 _____ () C:\Windows\PFRO.log
2014-02-06 16:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 15:29 - 2013-04-12 18:57 - 00000000 ____D () C:\Users\Nicii\AppData\Local\Spotify
2014-02-05 21:02 - 2014-01-16 21:02 - 00000282 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-02-05 20:51 - 2012-10-28 13:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 20:51 - 2011-08-10 20:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 20:33 - 2014-02-04 20:16 - 00027868 _____ () C:\Users\Nicii\Documents\Karikatur PoWi.odt
2014-02-05 20:26 - 2013-09-03 18:31 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-784739313-2177059454-3529121170-1002Core.job
2014-02-03 22:43 - 2012-10-18 16:10 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Skype
2014-02-03 19:52 - 2012-10-16 12:08 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 19:05 - 2014-01-09 00:23 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-02-02 23:09 - 2013-03-07 21:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-02 23:08 - 2014-01-16 21:02 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-02-02 23:07 - 2014-01-16 21:01 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-02 23:05 - 2011-08-17 13:14 - 00000000 ____D () C:\Program Files (x86)\Launch Manager
2014-02-02 23:05 - 2011-08-10 18:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-02 20:09 - 2014-01-18 00:18 - 00009031 _____ () C:\Users\Nicii\daemonprocess.txt
2014-02-02 19:59 - 2013-01-13 16:00 - 00000000 ____D () C:\Users\Nicii\Documents\Youcam
2014-02-02 18:14 - 2014-01-16 20:57 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-02 15:01 - 2014-01-16 21:02 - 00000274 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-02 11:43 - 2013-03-07 21:24 - 00000000 ____D () C:\Program Files (x86)\HappyLyrics
2014-02-02 11:35 - 2013-02-10 19:56 - 00000000 ____D () C:\Users\Nicii\AppData\Local\CrashDumps
2014-01-31 23:59 - 2014-01-31 23:59 - 00000000 ____D () C:\Users\Nicii\AppData\Local\Macromedia
2014-01-30 22:39 - 2013-04-17 17:19 - 00000000 ____D () C:\Users\Nicii\Documents\Meine empfangenen Dateien
2014-01-30 22:15 - 2014-01-30 22:11 - 30552288 _____ () C:\Users\Nicii\Downloads\KnuddelsJavaUpdater.exe
2014-01-30 19:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-30 19:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-01-30 18:33 - 2014-01-18 19:56 - 00026042 _____ () C:\Users\Nicii\Documents\Praktikumsbericht.odt
2014-01-30 15:14 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-30 15:11 - 2012-10-28 00:18 - 00122880 ___SH () C:\Users\Nicii\Thumbs.db
2014-01-25 23:38 - 2014-01-19 14:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-23 20:24 - 2014-01-23 20:13 - 05275648 _____ () C:\Users\Nicii\Downloads\video verusch 3.wmv
2014-01-23 20:13 - 2014-01-23 20:06 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\ICQ-Profile
2014-01-23 20:10 - 2014-01-23 20:10 - 00000000 ____D () C:\Users\Nicii\voip
2014-01-23 20:10 - 2012-10-18 09:57 - 00000000 ____D () C:\Users\Nicii
2014-01-23 18:17 - 2012-10-16 12:07 - 00109544 _____ () C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-23 18:17 - 2012-10-16 12:07 - 00109544 _____ () C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-21 00:33 - 2014-01-21 00:33 - 00000000 ____D () C:\Users\Nicii\AppData\Local\Mozilla
2014-01-21 00:33 - 2014-01-16 21:04 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Mozilla
2014-01-20 23:48 - 2012-10-18 09:57 - 00109544 _____ () C:\Users\Nicii\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-20 23:47 - 2009-07-14 05:45 - 00434472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-20 23:06 - 2014-01-19 14:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-01-20 22:04 - 2011-08-10 00:07 - 00654852 _____ () C:\Windows\system32\perfh007.dat
2014-01-20 22:04 - 2011-08-10 00:07 - 00130434 _____ () C:\Windows\system32\perfc007.dat
2014-01-20 22:04 - 2009-07-14 06:13 - 01500358 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-20 21:59 - 2014-01-20 21:59 - 00000000 ____D () C:\Users\Nicii\AppData\Roaming\Systweak
2014-01-19 22:10 - 2014-01-19 22:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-01-19 22:10 - 2014-01-19 22:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-01-19 15:57 - 2014-01-19 15:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-19 15:56 - 2014-01-19 15:57 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-19 15:56 - 2014-01-19 15:56 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-19 15:56 - 2014-01-19 15:56 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-19 15:56 - 2014-01-19 15:56 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-19 15:56 - 2011-08-10 20:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-19 14:23 - 2011-08-10 17:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-19 14:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-19 14:19 - 2013-01-20 20:32 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-01-19 14:19 - 2011-04-12 09:28 - 00000000 ____D () C:\Windows\ShellNew
2014-01-16 21:04 - 2014-01-16 21:04 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-16 21:01 - 2014-01-16 21:01 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-01-15 20:20 - 2014-01-15 20:20 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-01-11 23:39 - 2013-08-25 15:50 - 00000000 ____D () C:\Users\Nicii\Documents\DVDVideoSoft
2014-01-09 00:24 - 2014-01-09 00:24 - 00000000 ____D () C:\Users\Nicii\AppData\Local\SearchProtect
2014-01-09 00:23 - 2013-08-25 15:49 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-01-09 00:23 - 2013-08-25 15:49 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-09 00:23 - 2013-08-25 15:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-01-08 13:24 - 2014-01-08 13:24 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-01-08 13:24 - 2014-01-08 13:24 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-01-07 22:35 - 2013-08-25 15:53 - 00000000 ____D () C:\ProgramData\TuneUp Software
Some content of TEMP:
====================
C:\Users\Nicii\AppData\Local\Temp\icqsetup.exe
C:\Users\Nicii\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nicii\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2014
Ran by Nicii at 2014-02-06 17:20:25
Running from C:\Users\Nicii\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky PURE 2.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 2.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 2.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (x32 Version: 10.1.0 - Adobe Systems Incorporated)
ALDI SÜD Mah Jong (x32 Version: - )
Ashampoo Burning Studio (x32 Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (x32 Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (x32 Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (x32 Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (x32 Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (x32 Version: 5.1.2414 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414 - CyberLink Corp.) Hidden
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) Hidden
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (x32 Version: 8.0.4020 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.4020 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.2930.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2930.52 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerProducer (x32 Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.3503 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 3.1.4013 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.4013 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.4 - Dolby Laboratories Inc)
Facebook Messenger 2.1.4814.0 (x32 Version: 2.1.4814.0 - Facebook)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (x32 Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Iminent (x32 Version: 6.4.56.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2462 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (Version: 1.1.0.0157 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.1.0.0537 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (x32 Version: 2.1.41.0 - Intel Corporation)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 26 (64-bit) (Version: 6.0.260 - Oracle)
Java(TM) 6 Update 26 (x32 Version: 6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kaspersky PURE 2.0 (x32 Version: 12.0.2.733 - Kaspersky Lab)
Kaspersky PURE 2.0 (x32 Version: 12.0.2.733 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 269.24 (Version: 269.24 - NVIDIA Corporation)
NVIDIA Control Panel 269.24 (Version: 269.24 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 269.24 (Version: 269.24 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.42.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.23 (Version: 1.0.23 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6924 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.23 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6428 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (x32 Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
RegClean Pro (x32 Version: 6.21 - Systweak Inc) <==== ATTENTION
Samsung Kies (x32 Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Media Studio 5 (x32 Version: 5.0 - Samsung)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Search Protect (x32 Version: 2.9.65.0 - Conduit) <==== ATTENTION
Skype Click to Call (x32 Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Synaptics Pointing Device Driver (Version: 15.1.12.0 - Synaptics Incorporated)
TI USB 3.0 Host Controller Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
watchmi (x32 Version: 2.5.0 - Axel Springer Digital TV Guide GmbH)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Yahoo Community Smartbar (x32 Version: 1.133.66.11819 - Linkury Inc.) <==== ATTENTION
==================== Restore Points =========================
Could not list Restore Points. Check WMI.
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-784739313-2177059454-3529121170-1002Core.job => C:\Users\Nicii\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-784739313-2177059454-3529121170-1002UA.job => C:\Users\Nicii\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => ?
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => ?
Task: C:\Windows\Tasks\UpdaterEX.job => ?
==================== Loaded Modules (whitelisted) =============
2011-07-26 23:37 - 2011-07-26 23:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 21:41 - 2011-05-02 21:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-12-06 11:52 - 2010-12-06 11:52 - 00004608 _____ () C:\Program Files (x86)\watchmi\de\TvdTray.resources.dll
2012-10-16 12:07 - 2012-10-16 12:07 - 00061952 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.5.0.5__f722db7bec59a14b\Tvd.Remote.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: RF receiver
Description: RF receiver
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2014 04:00:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.107, Zeitstempel: 0x52ed6c62
Name des fehlerhaften Moduls: SPVC32.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52ef702a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5c529ee8
ID des fehlerhaften Prozesses: 0x1b78
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (02/06/2014 04:00:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 32.0.1700.107, Zeitstempel: 0x52ed6c62
Name des fehlerhaften Moduls: SPVC32.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52ef702a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5ca3117b
ID des fehlerhaften Prozesses: 0x1b78
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (02/02/2014 11:01:31 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error: (02/02/2014 10:52:02 PM) (Source: Iminent) (User: )
Description: Unexpected exception.
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.NullReferenceException: Object reference not set to an instance of an object.
at Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle._InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
at System.RuntimeMethodHandle.InvokeMethodFast(IRuntimeMethodInfo method, Object target, Object[] arguments, Signature sig, MethodAttributes methodAttributes, RuntimeType typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)
at System.Delegate.DynamicInvokeImpl(Object[] args)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
Error: (02/02/2014 06:07:48 PM) (Source: Microsoft-Windows-RestartManager) (User: User-PC)
Description: Die Anwendung oder der Dienst "Apple Mobile Device" konnte nicht neu gestartet werden.
Error: (02/02/2014 00:28:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7644
Error: (02/02/2014 00:28:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7644
Error: (02/02/2014 00:28:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/02/2014 00:28:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6443
Error: (02/02/2014 00:28:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6443
System errors:
=============
Error: (02/06/2014 04:03:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/06/2014 04:03:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht.
Error: (02/06/2014 03:28:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/06/2014 03:28:09 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht.
Error: (02/05/2014 05:49:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/05/2014 05:49:34 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht.
Error: (02/04/2014 07:01:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/04/2014 07:01:40 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht.
Error: (02/04/2014 07:00:07 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 03.02.2014 um 22:43:45 unerwartet heruntergefahren.
Error: (02/03/2014 10:11:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-03-20 18:53:24.103
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:24.032
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:21.914
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:21.817
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:19.484
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:19.368
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:16.871
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:16.834
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:14.734
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-20 18:53:14.686
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 66%
Total physical RAM: 4001.87 MB
Available physical RAM: 1350.44 MB
Total Pagefile: 8001.92 MB
Available Pagefile: 4594.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:561.5 GB) NTFS
Drive d: (Recover) (Fixed) (Total:48 GB) (Free:22.11 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
