| Kurochimaru | 25.02.2014 17:50 |
Ich hoffe das ist richtig so und ich stell mich jetzt nicht völlig bescheuert an :D
Noch so nebenbei: Jetzt laufen die Bilder nicht einmal mehr im Inkognito Fenster..
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014 01
Ran by Nati (administrator) on NATI-HP on 25-02-2014 17:44:20
Running from C:\Users\Nati\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Users\Nati\AppData\Roaming\okitspace\protect\PluginProtect.exe
() C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Tor\tor.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKAiO2MUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Akamai Technologies, Inc.) C:\Users\Nati\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Akamai Technologies, Inc.) C:\Users\Nati\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(FILSH Media GmbH) C:\Program Files (x86)\FILSHtray\FILSHtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Dropbox, Inc.) C:\Users\Nati\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-10] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-06-07] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [EKAIO2StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKAiO2MUI.exe [3240448 2011-12-10] (Eastman Kodak Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [168504 2011-06-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586808 2011-04-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646232 2011-09-27] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [Google Update] - C:\Users\Nati\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-04-13] (Google Inc.)
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Nati\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [TU] - C:\Users\Nati\AppData\Roaming\SDIV 2.0\Prot\tu\tu.exe [133536 2012-10-28] ()
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [DataMgr] - C:\Users\Nati\AppData\Roaming\DataMgr\DataMgr.exe [168264 2012-10-16] (HTTO Group, Ltd.)
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [OMESupervisor] - C:\Users\Nati\AppData\Local\omesuperv.exe [2239264 2013-12-24] ()
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [SCheck] - C:\Users\Nati\AppData\Roaming\SCheck\SCheck.exe [37376 2013-12-09] ()
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [Snoozer] - C:\Users\Nati\AppData\Roaming\Snz\Snz.exe [1209625 2013-12-24] ()
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [Intermediate] - C:\Users\Nati\AppData\Roaming\Intermediate\Intermediate.exe [37376 2013-12-09] ()
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Nati\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1144517153-2922543115-1289146031-1000\...\MountPoints2: {7a204920-ee1b-11e2-9e00-441ea1d90405} - G:\setup.exe -a
Startup: C:\Users\Nati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nati\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?affID=119816&babsrc=HP_ss_Btisdt7&mntrId=0E67441EA1D90405
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = �ћ�
㜛〫�耀�ћ
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
URLSearchHook: HKCU - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
SearchScopes: HKLM - {3BC70585-04B1-4BF3-BD1B-E829876E5EDA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
SearchScopes: HKLM-x32 - {3BC70585-04B1-4BF3-BD1B-E829876E5EDA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&affID=119816&babsrc=SP_ss_Btisdt7&mntrId=0E67441EA1D90405
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX&q={searchTerms}
SearchScopes: HKCU - {3BC70585-04B1-4BF3-BD1B-E829876E5EDA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {46C36099-85EC-4CEF-BE80-1309B3D6FB81} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=0e674d10000000000000441ea1d90405&r=137
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/?a=6PR4FpD2gH&loc=skw&search={searchTerms}
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Nati\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-bho64.dll (Feven)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Nati\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-bho.dll (Feven)
BHO-x32: OKitSpace Object - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Windows\SysWow64\config\systemprofile\AppData\Roaming\okitSpace\IE\OkitSpace.dll ()
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.)
BHO-x32: IEAddonBHO Class - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} - C:\Program Files (x86)\Internet Explorer\IEAddon.dll (APC)
BHO-x32: FBDownloader - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Users\Nati\AppData\Local\fbDownloader\Extensions\FBDownloader.dll No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - !{40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - !{40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-15] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: hxxp://www2.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=0E67441EA1D90405
CHR Extension: (Running Fred) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfalcbcdebaemokjapphcfnldiogddk [2014-02-24]
CHR Extension: (Monster Dash) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknghehebaconkajgiobncfleofebcog [2014-02-24]
CHR Extension: (Stylish) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2012-12-16]
CHR Extension: (Pockie Ninja) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnllmdekhoodfjggoncakndldjihiiol [2014-02-24]
CHR Extension: (OfferMosquito) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2013-07-23]
CHR Extension: (Subway Surfers) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdcgjdgfhfjfcdeljojllmljhejfmccd [2014-02-24]
CHR Extension: (Naruto Match) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbdflepjfcmdandccpmmfgnpjjfgpic [2014-02-24]
CHR Extension: (Browser Helper Object) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkkeikdkpjenmoiicggnnodbkebafgpc [2014-02-20]
CHR Extension: (Little Alchemy) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-02-24]
CHR Extension: (MediaPlayerEnhance) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-02-24]
CHR Extension: (Webcam Toy) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-02-24]
CHR Extension: (Nyan Cat For Chrome) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnkmgffjikcoloemlppcoplajnppiihk [2014-02-24]
CHR Extension: (Google Wallet) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Mein Chrome-Design) - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-02-24]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2014-02-24]
CHR HKCU\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Nati\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2012-11-19]
CHR HKCU\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx [2013-12-19]
CHR HKCU\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Nati\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [anpiogajjmckmlehhpjnojhebaidkeod] - C:\Users\Nati\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [ccbgjfdieajmokelnlapbedknchgenne] - C:\Users\Nati\AppData\Local\Temp\ccex.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Nati\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx [2012-02-22]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-02-22]
CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx [2012-02-22]
CHR HKLM-x32\...\Chrome\Extension: [hdhihajbmafmgilcciomnamcjfkdhikl] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-04-14]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-03-10]
CHR HKLM-x32\...\Chrome\Extension: [kkkeikdkpjenmoiicggnnodbkebafgpc] - C:\Program Files (x86)\Internet Explorer\cr_addon.crx [2012-11-12]
CHR HKLM-x32\...\Chrome\Extension: [lbidgdoiglndbjlcnnifemecdhnpeabo] - C:\Users\Nati\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx [2013-12-03]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-02-06]
CHR HKLM-x32\...\Chrome\Extension: [mmiopbgcekanlhpjkonogoljpfmhpkhf] - C:\Program Files (x86)\XingHaoLyrics\Chrome.crx [2013-06-03]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Nati\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-24]
CHR StartMenuInternet: Google Chrome - C:\Users\Nati\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.awesomehp.com/?type=sc&ts=1393264780&from=tugs&uid=HitachiXHTS547550A9E384_J21P0053H9DYHCH9DYHCX
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-02-20] (Cherished Technololgy LIMITED)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 srvPlgProtect; C:\Users\Nati\AppData\Roaming\okitspace\protect\PluginProtect.exe [109056 2014-01-26] ()
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [29696 2013-11-05] ()
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-24] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-07-18] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-07-18] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-07-18] (Avira GmbH)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [1157240 2011-12-01] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-02-04] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20120303.003\IDSvia64.sys [488568 2011-12-16] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120302.017\ENG64.SYS [117880 2012-03-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20120302.017\EX64.SYS [2048632 2012-03-03] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-25 17:44 - 2014-02-25 17:44 - 00034651 _____ () C:\Users\Nati\Desktop\FRST.txt
2014-02-25 17:44 - 2014-02-25 17:44 - 00000000 ____D () C:\FRST
2014-02-25 17:44 - 2014-02-25 17:43 - 02156032 _____ (Farbar) C:\Users\Nati\Desktop\FRST64.exe
2014-02-25 17:43 - 2014-02-25 17:43 - 02156032 _____ (Farbar) C:\Users\Nati\Downloads\FRST64.exe
2014-02-25 17:24 - 2014-02-25 17:25 - 00000000 ____D () C:\Users\Nati\AppData\Local\{DF0D7EC4-AD3C-44F0-BE81-B00A7E820824}
2014-02-25 17:22 - 2014-02-25 17:22 - 00001486 _____ () C:\Windows\PFRO.log
2014-02-24 19:43 - 2014-02-24 22:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 19:43 - 2014-02-24 20:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-24 19:23 - 2014-02-24 19:23 - 00003110 _____ () C:\Windows\System32\Tasks\{A6C7AE68-2A02-49FB-B8C7-7EF1C80B3CD9}
2014-02-24 19:03 - 2014-02-25 17:22 - 00002404 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job
2014-02-24 19:03 - 2014-02-25 17:22 - 00001604 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job
2014-02-24 19:03 - 2014-02-25 17:22 - 00001560 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job
2014-02-24 19:03 - 2014-02-25 17:22 - 00001458 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job
2014-02-24 19:03 - 2014-02-24 19:03 - 00004634 _____ () C:\Windows\System32\Tasks\MediaPlayerEnhance-updater
2014-02-24 19:03 - 2014-02-24 19:03 - 00004590 _____ () C:\Windows\System32\Tasks\MediaPlayerEnhance-codedownloader
2014-02-24 19:03 - 2014-02-24 19:03 - 00004488 _____ () C:\Windows\System32\Tasks\MediaPlayerEnhance-enabler
2014-02-24 19:02 - 2014-02-25 17:22 - 00003118 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job
2014-02-24 19:02 - 2014-02-24 19:03 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerEnhance
2014-02-24 19:01 - 2014-02-24 19:02 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\Users\Nati\Documents\Optimizer Pro
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\SupTab
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\ProgramData\WPM
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-24 19:00 - 2014-02-24 19:24 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\awesomehp
2014-02-24 18:58 - 2014-02-24 18:58 - 00000000 ____D () C:\Users\Nati\AppData\Local\SearchProtect
2014-02-24 18:58 - 2014-02-24 18:58 - 00000000 _____ () C:\END
2014-02-24 18:57 - 2014-02-24 18:57 - 00379616 _____ () C:\Users\Nati\Downloads\Setup.exe
2014-02-24 18:57 - 2014-02-24 18:57 - 00379616 _____ () C:\Users\Nati\Downloads\Setup (1).exe
2014-02-24 16:47 - 2014-02-24 16:48 - 00000000 ____D () C:\Users\Nati\AppData\Local\{B43A5BFB-8DCB-4BE0-91B1-922257E32910}
2014-02-22 18:56 - 2014-02-22 18:56 - 00000000 ____D () C:\Users\Nati\AppData\Local\{00153E18-588B-4134-9B19-17E9431AB6E7}
2014-02-20 14:11 - 2014-02-20 14:11 - 00000000 ____D () C:\Users\Nati\AppData\Local\{3193E9A0-5972-455C-90AD-75465CA0C010}
2014-02-19 19:20 - 2014-02-25 17:25 - 00000000 ___RD () C:\Users\Nati\Dropbox
2014-02-19 19:19 - 2014-02-19 19:20 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\DropboxMaster
2014-02-19 19:19 - 2014-02-19 19:19 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-19 19:18 - 2014-02-25 17:25 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Dropbox
2014-02-19 19:01 - 2014-02-19 19:05 - 36316528 _____ (Dropbox, Inc.) C:\Users\Nati\Downloads\Dropbox 2.6.7.exe
2014-02-19 18:03 - 2014-02-19 18:03 - 00000000 ____D () C:\Users\Nati\AppData\Local\{48910DD0-F51F-4AF3-96DD-AB1034DA61C9}
2014-02-18 22:46 - 2014-02-18 22:46 - 00000000 ____D () C:\Users\Nati\Desktop\Marc-Uwe-Kling_Känguru
2014-02-18 17:51 - 2014-02-18 17:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-18 17:44 - 2014-02-18 17:43 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-18 17:26 - 2014-02-18 17:26 - 00342560 _____ () C:\Users\Nati\Downloads\Java.exe
2014-02-18 17:24 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-18 17:24 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-18 17:23 - 2014-02-18 17:24 - 00000000 ____D () C:\Users\Nati\AppData\Local\{A7C4CED5-1F98-492A-A841-050A4DBBCF70}
2014-02-18 17:21 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-18 17:21 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-18 17:21 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-18 17:21 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-18 17:21 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-18 17:21 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-18 17:21 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-18 17:21 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-18 17:21 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-18 17:21 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-18 17:21 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-18 17:21 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-18 17:21 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-18 17:21 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-18 17:21 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-18 17:21 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-18 17:21 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-18 17:21 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-18 17:21 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-18 17:21 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-18 17:21 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-18 17:21 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-18 17:21 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-18 17:21 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-18 17:21 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-18 17:21 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-18 17:21 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-18 17:21 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-18 17:21 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-18 17:21 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-18 17:21 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-18 17:21 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-18 17:21 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-18 17:21 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-18 17:21 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-18 17:21 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-18 17:21 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-18 17:21 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-18 17:20 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-16 01:00 - 2014-02-25 17:22 - 00000392 _____ () C:\Windows\setupact.log
2014-02-16 01:00 - 2014-02-16 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 00:08 - 2014-02-15 00:08 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-15 00:08 - 2014-02-15 00:08 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-15 00:08 - 2014-02-15 00:08 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-15 00:06 - 2014-02-15 00:06 - 03645064 _____ (Piriform Ltd) C:\Users\Nati\Downloads\ccsetup410_slim.exe
2014-02-14 22:36 - 2014-02-19 22:10 - 00000000 ____D () C:\Users\Nati\Desktop\Miau
2014-02-14 18:36 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 18:36 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 18:35 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 18:35 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 18:35 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 18:35 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 18:35 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 18:35 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 18:35 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 18:35 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 18:35 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 18:35 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 18:35 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 18:35 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 18:35 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 18:35 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 18:35 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 18:35 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 18:35 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 18:35 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 18:35 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 18:35 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 18:35 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 18:35 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 18:35 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 18:35 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 18:35 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 18:35 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-14 18:19 - 2014-02-14 18:20 - 00000000 ____D () C:\Users\Nati\AppData\Local\{EB557069-C7F7-490F-AC65-767E68A2D4BB}
2014-02-12 20:42 - 2014-02-12 20:42 - 00000000 ____D () C:\Users\Nati\AppData\Local\{9BA35B97-5694-4A3D-A459-E951F9429D90}
2014-02-11 16:59 - 2014-02-11 16:59 - 00000000 ____D () C:\Users\Nati\AppData\Local\{12EFE7B7-680E-4670-A300-502E0A9E37F0}
2014-02-10 11:55 - 2014-02-10 11:55 - 00000000 ____D () C:\Users\Nati\AppData\Local\{7C9ACBCC-3FD9-4739-A600-340DC99AC698}
2014-02-06 10:04 - 2014-02-06 10:05 - 00000000 ____D () C:\Users\Nati\AppData\Local\{5F1097FF-8F17-4208-B401-94C27DE3E23F}
2014-02-03 11:00 - 2014-02-03 11:00 - 00000000 ____D () C:\Users\Nati\AppData\Local\{957703DD-0D0E-4DA9-881D-90A35826479D}
2014-02-01 20:03 - 2014-02-01 20:04 - 00000000 ____D () C:\Users\Nati\AppData\Local\Quark
2014-02-01 20:02 - 2014-02-07 14:41 - 00000356 _____ () C:\Windows\Tasks\Quark Updater.job
2014-02-01 20:02 - 2014-02-01 20:02 - 00003042 _____ () C:\Windows\System32\Tasks\Quark Updater
2014-02-01 20:02 - 2014-02-01 20:02 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Quark
2014-02-01 19:58 - 2014-02-01 20:02 - 00000000 ____D () C:\ProgramData\Quark
2014-02-01 19:58 - 2014-02-01 20:02 - 00000000 ____D () C:\Program Files (x86)\Quark
2014-02-01 19:55 - 2014-02-24 19:34 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-01 19:36 - 2014-02-01 19:36 - 00094414 _____ () C:\Users\Nati\Downloads\image.jpeg
2014-02-01 19:13 - 2014-02-25 17:23 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\newnext.me
2014-02-01 19:13 - 2014-02-24 19:25 - 00000000 ____D () C:\Users\Nati\AppData\Local\Mobogenie
2014-02-01 19:13 - 2014-02-01 19:17 - 00000000 ____D () C:\Users\Nati\AppData\Local\cache
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\Documents\Mobogenie
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\AppData\Local\genienext
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\.android
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 _____ () C:\Users\Nati\daemonprocess.txt
2014-02-01 18:51 - 2014-02-01 18:51 - 00401752 _____ (Softonic ) C:\Users\Nati\Downloads\SoftonicDownloader_fuer_quarkxpress.exe
2014-02-01 17:04 - 2014-02-01 17:05 - 00000000 ____D () C:\Users\Nati\AppData\Local\{EF490645-5198-431A-B109-7B4D563BAFEF}
2014-01-31 22:04 - 2014-01-31 22:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-01-31 21:56 - 2014-01-31 21:56 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Nati-HP-Nati
2014-01-31 21:54 - 2014-01-31 21:55 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-01-31 21:54 - 2014-01-31 21:54 - 00000000 ____D () C:\Windows\system32\nn-NO
2014-01-31 21:54 - 2014-01-31 21:54 - 00000000 ____D () C:\Windows\Options
2014-01-31 21:54 - 2014-01-31 21:54 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-01-31 21:54 - 2011-08-31 23:08 - 00443040 _____ (Atheros) C:\Windows\system32\athihvs.dll
2014-01-31 21:54 - 2011-08-31 23:08 - 00063648 _____ (Atheros) C:\Windows\system32\athihvui.dll
2014-01-31 21:54 - 2011-08-21 20:16 - 02769408 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2014-01-31 21:53 - 2014-01-31 21:55 - 00000184 _____ () C:\setup.log
2014-01-31 21:53 - 2014-01-31 21:53 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-01-31 21:48 - 2014-01-31 21:52 - 00000000 ____D () C:\Program Files\Adobe
2014-01-31 21:47 - 2014-01-31 21:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
==================== One Month Modified Files and Folders =======
2014-02-25 17:44 - 2014-02-25 17:44 - 00034651 _____ () C:\Users\Nati\Desktop\FRST.txt
2014-02-25 17:44 - 2014-02-25 17:44 - 00000000 ____D () C:\FRST
2014-02-25 17:43 - 2014-02-25 17:44 - 02156032 _____ (Farbar) C:\Users\Nati\Desktop\FRST64.exe
2014-02-25 17:43 - 2014-02-25 17:43 - 02156032 _____ (Farbar) C:\Users\Nati\Downloads\FRST64.exe
2014-02-25 17:42 - 2012-02-25 22:36 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Skype
2014-02-25 17:32 - 2012-04-13 15:26 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000UA.job
2014-02-25 17:30 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-25 17:30 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-25 17:27 - 2012-03-25 00:31 - 01508503 _____ () C:\Windows\WindowsUpdate.log
2014-02-25 17:25 - 2014-02-25 17:24 - 00000000 ____D () C:\Users\Nati\AppData\Local\{DF0D7EC4-AD3C-44F0-BE81-B00A7E820824}
2014-02-25 17:25 - 2014-02-19 19:20 - 00000000 ___RD () C:\Users\Nati\Dropbox
2014-02-25 17:25 - 2014-02-19 19:18 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Dropbox
2014-02-25 17:25 - 2012-03-10 23:07 - 00000000 ____D () C:\Users\Nati\Tracing
2014-02-25 17:25 - 2012-01-06 18:58 - 00000000 ____D () C:\Users\Nati\AppData\Local\CrashDumps
2014-02-25 17:23 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\newnext.me
2014-02-25 17:22 - 2014-02-25 17:22 - 00001486 _____ () C:\Windows\PFRO.log
2014-02-25 17:22 - 2014-02-24 19:03 - 00002404 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job
2014-02-25 17:22 - 2014-02-24 19:03 - 00001604 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job
2014-02-25 17:22 - 2014-02-24 19:03 - 00001560 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job
2014-02-25 17:22 - 2014-02-24 19:03 - 00001458 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job
2014-02-25 17:22 - 2014-02-24 19:02 - 00003118 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job
2014-02-25 17:22 - 2014-02-16 01:00 - 00000392 _____ () C:\Windows\setupact.log
2014-02-25 17:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 22:09 - 2014-02-24 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 20:21 - 2012-01-04 20:39 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C1CD4E6-459A-4AD3-A1FF-8482958AA9B3}
2014-02-24 20:11 - 2014-02-24 19:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-24 20:11 - 2013-12-03 01:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-24 20:11 - 2011-07-15 19:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-24 19:45 - 2012-05-06 11:37 - 00000000 ____D () C:\Users\Nati\AppData\Local\Adobe
2014-02-24 19:34 - 2014-02-01 19:55 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-24 19:25 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\AppData\Local\Mobogenie
2014-02-24 19:25 - 2012-01-04 20:39 - 00000000 ___RD () C:\Users\Nati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-24 19:24 - 2014-02-24 19:00 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\awesomehp
2014-02-24 19:24 - 2013-10-14 17:57 - 00001425 _____ () C:\Users\Nati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-24 19:23 - 2014-02-24 19:23 - 00003110 _____ () C:\Windows\System32\Tasks\{A6C7AE68-2A02-49FB-B8C7-7EF1C80B3CD9}
2014-02-24 19:11 - 2012-10-28 17:33 - 00000000 ____D () C:\Users\Nati\AppData\Local\Conduit
2014-02-24 19:03 - 2014-02-24 19:03 - 00004634 _____ () C:\Windows\System32\Tasks\MediaPlayerEnhance-updater
2014-02-24 19:03 - 2014-02-24 19:03 - 00004590 _____ () C:\Windows\System32\Tasks\MediaPlayerEnhance-codedownloader
2014-02-24 19:03 - 2014-02-24 19:03 - 00004488 _____ () C:\Windows\System32\Tasks\MediaPlayerEnhance-enabler
2014-02-24 19:03 - 2014-02-24 19:02 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerEnhance
2014-02-24 19:02 - 2014-02-24 19:01 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\Users\Nati\Documents\Optimizer Pro
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\SupTab
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\ProgramData\WPM
2014-02-24 19:01 - 2014-02-24 19:01 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-24 18:58 - 2014-02-24 18:58 - 00000000 ____D () C:\Users\Nati\AppData\Local\SearchProtect
2014-02-24 18:58 - 2014-02-24 18:58 - 00000000 _____ () C:\END
2014-02-24 18:57 - 2014-02-24 18:57 - 00379616 _____ () C:\Users\Nati\Downloads\Setup.exe
2014-02-24 18:57 - 2014-02-24 18:57 - 00379616 _____ () C:\Users\Nati\Downloads\Setup (1).exe
2014-02-24 16:48 - 2014-02-24 16:47 - 00000000 ____D () C:\Users\Nati\AppData\Local\{B43A5BFB-8DCB-4BE0-91B1-922257E32910}
2014-02-24 16:48 - 2012-01-07 01:46 - 00000000 ____D () C:\Users\Nati\AppData\Local\Windows Live
2014-02-24 16:44 - 2012-05-11 15:31 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForNati.job
2014-02-23 20:03 - 2011-07-16 05:07 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-02-23 20:03 - 2011-07-16 05:07 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-02-23 20:03 - 2009-07-14 06:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 14:32 - 2012-04-13 15:26 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000Core.job
2014-02-22 22:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-22 19:10 - 2012-05-11 15:31 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForNati
2014-02-22 19:09 - 2012-01-20 17:13 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-22 19:09 - 2012-01-13 16:34 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-22 18:56 - 2014-02-22 18:56 - 00000000 ____D () C:\Users\Nati\AppData\Local\{00153E18-588B-4134-9B19-17E9431AB6E7}
2014-02-20 21:04 - 2012-01-05 21:17 - 00000000 ____D () C:\Users\Nati\Documents\Youcam
2014-02-20 15:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-20 14:27 - 2012-04-13 15:26 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000UA
2014-02-20 14:27 - 2012-04-13 15:26 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000Core
2014-02-20 14:11 - 2014-02-20 14:11 - 00000000 ____D () C:\Users\Nati\AppData\Local\{3193E9A0-5972-455C-90AD-75465CA0C010}
2014-02-19 22:10 - 2014-02-14 22:36 - 00000000 ____D () C:\Users\Nati\Desktop\Miau
2014-02-19 19:22 - 2013-03-30 00:43 - 00155136 ___SH () C:\Users\Nati\Thumbs.db
2014-02-19 19:20 - 2014-02-19 19:19 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\DropboxMaster
2014-02-19 19:20 - 2012-01-04 20:34 - 00000000 ____D () C:\Users\Nati
2014-02-19 19:19 - 2014-02-19 19:19 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-19 19:05 - 2014-02-19 19:01 - 36316528 _____ (Dropbox, Inc.) C:\Users\Nati\Downloads\Dropbox 2.6.7.exe
2014-02-19 18:03 - 2014-02-19 18:03 - 00000000 ____D () C:\Users\Nati\AppData\Local\{48910DD0-F51F-4AF3-96DD-AB1034DA61C9}
2014-02-18 22:52 - 2012-05-06 11:41 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\SoftGrid Client
2014-02-18 22:47 - 2012-01-06 15:33 - 00000000 ____D () C:\Users\Nati\Desktop\♥Music♥
2014-02-18 22:46 - 2014-02-18 22:46 - 00000000 ____D () C:\Users\Nati\Desktop\Marc-Uwe-Kling_Känguru
2014-02-18 22:33 - 2013-06-26 16:40 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-02-18 21:31 - 2013-02-14 15:02 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-02-18 21:30 - 2012-01-06 19:55 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-18 21:26 - 2012-08-11 00:15 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\BrowserCompanion
2014-02-18 21:26 - 2012-08-11 00:15 - 00000000 ____D () C:\Program Files (x86)\BrowserCompanion
2014-02-18 17:51 - 2014-02-18 17:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-18 17:43 - 2014-02-18 17:44 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-18 17:43 - 2012-04-20 17:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-18 17:43 - 2012-04-20 17:35 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-18 17:38 - 2013-08-15 02:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 17:36 - 2012-03-10 13:44 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-18 17:31 - 2012-05-06 11:41 - 01596444 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-18 17:26 - 2014-02-18 17:26 - 00342560 _____ () C:\Users\Nati\Downloads\Java.exe
2014-02-18 17:24 - 2014-02-18 17:23 - 00000000 ____D () C:\Users\Nati\AppData\Local\{A7C4CED5-1F98-492A-A841-050A4DBBCF70}
2014-02-16 01:38 - 2012-07-21 16:51 - 00005120 ____H () C:\Users\Nati\Desktop\photothumb.db
2014-02-16 01:00 - 2014-02-16 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 19:44 - 2012-10-11 22:50 - 00000000 ____D () C:\Users\Nati\Desktop\Anime Bases
2014-02-15 19:09 - 2013-11-19 22:08 - 00000000 ____D () C:\Users\Nati\Desktop\Zeichenreferezen
2014-02-15 17:53 - 2012-09-13 13:25 - 00000000 ____D () C:\Windows\Minidump
2014-02-15 17:53 - 2007-01-02 02:25 - 00000000 ____D () C:\Windows\Panther
2014-02-15 00:08 - 2014-02-15 00:08 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-15 00:08 - 2014-02-15 00:08 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-15 00:08 - 2014-02-15 00:08 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-15 00:06 - 2014-02-15 00:06 - 03645064 _____ (Piriform Ltd) C:\Users\Nati\Downloads\ccsetup410_slim.exe
2014-02-14 18:20 - 2014-02-14 18:19 - 00000000 ____D () C:\Users\Nati\AppData\Local\{EB557069-C7F7-490F-AC65-767E68A2D4BB}
2014-02-12 20:42 - 2014-02-12 20:42 - 00000000 ____D () C:\Users\Nati\AppData\Local\{9BA35B97-5694-4A3D-A459-E951F9429D90}
2014-02-11 16:59 - 2014-02-11 16:59 - 00000000 ____D () C:\Users\Nati\AppData\Local\{12EFE7B7-680E-4670-A300-502E0A9E37F0}
2014-02-10 15:13 - 2012-01-04 21:00 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Adobe
2014-02-10 11:55 - 2014-02-10 11:55 - 00000000 ____D () C:\Users\Nati\AppData\Local\{7C9ACBCC-3FD9-4739-A600-340DC99AC698}
2014-02-07 14:41 - 2014-02-01 20:02 - 00000356 _____ () C:\Windows\Tasks\Quark Updater.job
2014-02-06 13:16 - 2014-02-18 17:21 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-18 17:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-18 17:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-18 17:21 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-18 17:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-18 17:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-18 17:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-18 17:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-18 17:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-18 17:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-18 17:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-18 17:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-18 17:21 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-18 17:21 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-18 17:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-18 17:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-18 17:20 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-18 17:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-18 17:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-18 17:21 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-18 17:21 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-18 17:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-18 17:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-18 17:21 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-18 17:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-18 17:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-18 17:21 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-18 17:21 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-18 17:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-18 17:21 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-18 17:21 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-18 17:21 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-18 17:21 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:05 - 2014-02-06 10:04 - 00000000 ____D () C:\Users\Nati\AppData\Local\{5F1097FF-8F17-4208-B401-94C27DE3E23F}
2014-02-06 10:03 - 2014-02-18 17:21 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-18 17:21 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-18 17:21 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-18 17:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-18 17:21 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-18 17:21 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-03 11:00 - 2014-02-03 11:00 - 00000000 ____D () C:\Users\Nati\AppData\Local\{957703DD-0D0E-4DA9-881D-90A35826479D}
2014-02-03 10:56 - 2009-07-14 05:45 - 05002216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-02 18:50 - 2011-07-15 19:43 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-01 20:04 - 2014-02-01 20:03 - 00000000 ____D () C:\Users\Nati\AppData\Local\Quark
2014-02-01 20:03 - 2012-01-04 20:37 - 00116880 _____ () C:\Users\Nati\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-01 20:02 - 2014-02-01 20:02 - 00003042 _____ () C:\Windows\System32\Tasks\Quark Updater
2014-02-01 20:02 - 2014-02-01 20:02 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\Quark
2014-02-01 20:02 - 2014-02-01 19:58 - 00000000 ____D () C:\ProgramData\Quark
2014-02-01 20:02 - 2014-02-01 19:58 - 00000000 ____D () C:\Program Files (x86)\Quark
2014-02-01 19:36 - 2014-02-01 19:36 - 00094414 _____ () C:\Users\Nati\Downloads\image.jpeg
2014-02-01 19:22 - 2012-01-06 20:47 - 00007168 _____ () C:\Users\Nati\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-01 19:17 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\AppData\Local\cache
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\Documents\Mobogenie
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\AppData\Local\genienext
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 ____D () C:\Users\Nati\.android
2014-02-01 19:13 - 2014-02-01 19:13 - 00000000 _____ () C:\Users\Nati\daemonprocess.txt
2014-02-01 18:51 - 2014-02-01 18:51 - 00401752 _____ (Softonic ) C:\Users\Nati\Downloads\SoftonicDownloader_fuer_quarkxpress.exe
2014-02-01 17:05 - 2014-02-01 17:04 - 00000000 ____D () C:\Users\Nati\AppData\Local\{EF490645-5198-431A-B109-7B4D563BAFEF}
2014-02-01 17:02 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-31 22:04 - 2014-01-31 22:04 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-01-31 22:04 - 2012-06-17 13:38 - 00000000 ____D () C:\Users\Nati\AppData\Roaming\WildTangent
2014-01-31 22:04 - 2011-07-15 19:34 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-01-31 22:03 - 2011-07-15 19:34 - 00000000 ____D () C:\ProgramData\WildTangent
2014-01-31 21:56 - 2014-01-31 21:56 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Nati-HP-Nati
2014-01-31 21:55 - 2014-01-31 21:54 - 00000000 ____D () C:\Program Files (x86)\Atheros
2014-01-31 21:55 - 2014-01-31 21:53 - 00000184 _____ () C:\setup.log
2014-01-31 21:54 - 2014-01-31 21:54 - 00000000 ____D () C:\Windows\system32\nn-NO
2014-01-31 21:54 - 2014-01-31 21:54 - 00000000 ____D () C:\Windows\Options
2014-01-31 21:54 - 2014-01-31 21:54 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-01-31 21:54 - 2011-07-15 19:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-31 21:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-01-31 21:53 - 2014-01-31 21:53 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-01-31 21:53 - 2014-01-31 21:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-01-31 21:53 - 2011-02-10 20:23 - 00000000 ____D () C:\SWSetup
2014-01-31 21:52 - 2014-01-31 21:48 - 00000000 ____D () C:\Program Files\Adobe
2014-01-31 21:49 - 2011-07-15 19:43 - 00000000 ____D () C:\Program Files (x86)\Adobe
Some content of TEMP:
====================
C:\Users\Nati\AppData\Local\Temp\BackupSetup.exe
C:\Users\Nati\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr6it6e.dll
C:\Users\Nati\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-20 15:44
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2014 01
Ran by Nati at 2014-02-25 17:45:20
Running from C:\Users\Nati\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{B066BF95-890E-A532-A58F-D13E0805DC04}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AuthenTec TrueAPI (Version: 1.3.0.111 - AuthenTec, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.1.9.2500 - Avira)
awesomehp uninstaller (HKLM-x32\...\awesomehp uninstaller) (Version: - awesomehp) <==== ATTENTION
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.0.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Browser Helper Object (HKLM-x32\...\Browser Helper Object1.4) (Version: 1.4 - APC Soft)
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0508.224.2391 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0508.224.2391 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0508.224.2391 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0508.224.2391 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0508.224.2391 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help English (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help French (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help German (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
ccc-utility64 (Version: 2011.0508.224.2391 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Complitly (HKLM-x32\...\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1) (Version: - Complitly) <==== ATTENTION
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.4119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Dropbox (HKCU\...\Dropbox) (Version: 2.6.7 - Dropbox, Inc.)
DS4 Default Content (HKLM-x32\...\DS4 Default Content 4.0.0.8) (Version: 4.0.0.8 - DAZ 3D)
Elsword_DE (HKLM-x32\...\Elsword_DE_is1) (Version: - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH)
Free Video Converter V 3.1 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.1.0.0 - Koyote Soft)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{DE15C5EC-7C30-44BF-ACEB-03960FC5601D}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Launch Box (HKLM\...\{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}) (Version: 1.0.11 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{ABEF00D0-FCAE-4E47-8D4E-D4AE5FD72B15}) (Version: 2.4.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{8B52057C-15DB-433E-957C-E279BC7D07E3}) (Version: 3.1.0.9742 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{31CEFF4E-B6D1-46A5-9169-7C67570E7FFA}) (Version: 5.3.0.163 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{18F4179A-385F-40EE-AE2D-FA0E1BE62753}) (Version: 4.5.12.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version: - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MediaPlayerEnhance (HKLM-x32\...\MediaPlayerEnhance) (Version: 1.34.2.13 - Feven)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MotoHelper MergeModules (x32 Version: 1.0.0 - Motorola) Hidden
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{FE8F3D0F-1CD8-11E2-AABD-F04DA23A5C58}) (Version: 12.0.576 - Sony)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quark Update (HKLM-x32\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Ihr Firmenname)
QuarkXPress (HKLM-x32\...\{EACCA5D3-5E48-4181-B953-1842BA6FED32}) (Version: 10.0.0.1 - Quark Software Inc.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SoftwareUpdater (HKLM-x32\...\SoftwareUpdater) (Version: - )
Sumo Paint Bamboo 2.2 (HKLM-x32\...\com.sumopaint.bamboo.E63110E28E55D139F7D67D94E57B73BDB07BA618.1) (Version: v2.2 - UNKNOWN)
Sumo Paint Bamboo 2.2 (x32 Version: 2.2 - UNKNOWN) Hidden
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
Vampires vs. Zombies (x32 Version: 2.2.0.98 - WildTangent) Hidden
Vegas Pro 10.0 (HKLM-x32\...\{3C8CDDCF-D09A-11DF-8BB6-0013D3D69929}) (Version: 10.0.387 - Sony)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.9.0.16 - Winload)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WPM17.8.0.3325 (HKLM-x32\...\WPM) (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Restore Points =========================
18-02-2014 16:18:50 Windows Update
18-02-2014 16:26:30 Windows-Sicherung
18-02-2014 16:42:15 Installed Java 7 Update 51
18-02-2014 20:29:38 Removed Java(TM) 6 Update 22
18-02-2014 20:30:45 Removed Livestream for Producers
18-02-2014 20:31:25 Removed Livestream Procaster
23-02-2014 18:00:03 Windows-Sicherung
24-02-2014 18:33:45 Removed QuickTime
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {004A583B-7921-4A72-AECA-96A355EBA8AF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {044078B9-0E3F-4586-A775-EE62758FB36F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: {05E5FFF2-C614-4ED8-90F8-C1AC6D3756AA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000UA => C:\Users\Nati\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {0A4EB82F-FEE6-4683-8D24-31B236CF5E50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {12D8D855-1CFD-4E4A-9926-7397B93E1853} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000Core => C:\Users\Nati\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {23169B4F-40E5-428C-961E-7B2CD7B2B83E} - System32\Tasks\BHO updater => C:\Program Files (x86)\Internet Explorer\Updater.exe
Task: {30AC618D-E387-4584-96F7-B6C3B83E3313} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {336EBD03-B143-4AD6-A7BF-B19FB6FC30F5} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {35737B07-9591-4FD8-B40D-A5A92EE630E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {35E41132-7E5F-48FB-A28A-E8F811446C30} - System32\Tasks\Quark Updater => C:\Program Files (x86)\Quark\Quark Update\AutoUpdate.exe [2011-11-25] ()
Task: {446387CC-E0FB-40BC-AB81-189238A0CC61} - System32\Tasks\MediaPlayerEnhance-codedownloader => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-codedownloader.exe [2014-02-24] (Feven)
Task: {4E4E022D-CF9E-419D-B484-25B720CB061F} - System32\Tasks\MediaPlayerEnhance-enabler => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-enabler.exe [2014-02-24] (Feven) <==== ATTENTION
Task: {4F2F973E-8674-4256-96E8-AD0EC4BFB0E5} - System32\Tasks\Test TimeTrigger => C:\Users\Nati\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {4F4B6DEF-1187-4F68-92D6-115D28960CFE} - System32\Tasks\DealPly => C:\Users\Nati\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {566A333C-0EA3-4E9C-9E0B-4FB3A3114424} - System32\Tasks\HPCeeScheduleForNati => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {58673C4F-2968-4C52-8D96-58742ED037E4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {675ACC17-E10F-432F-8D0E-42EC0DEE1D8E} - System32\Tasks\SpottyFiles Update => C:\Program Files (x86)\SpottyFiles\SpottyFilesUpdater.exe
Task: {6970AA61-60F7-4849-B10A-A3CC4AB3DA41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
Task: {7BBE0FAC-7672-41F7-BD46-192ED03BC031} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {82A76FDA-C17D-401D-93AC-2BA0E142B9C9} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {8B64EEFE-3F4B-4166-B284-6F2EB6F3FC9E} - System32\Tasks\MediaPlayerEnhance-updater => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-updater.exe [2014-02-24] (Feven)
Task: {9433591E-3DFC-4FC6-94E9-CB54B36A35C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {A00DBD25-B917-4437-AB32-1B00BEDD6680} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink)
Task: {A5FF3EC2-9E3F-429F-B45A-812AC731403A} - System32\Tasks\MediaPlayerEnhance-chromeinstaller => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-chromeinstaller.exe [2014-02-24] (Feven)
Task: {ACDBA9FB-D1EA-4A5B-BAE2-0D6C7EED1224} - System32\Tasks\AdobeAAMUpdater-1.0-Nati-HP-Nati => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {B91E97B4-4F8E-4AE5-B081-7C778B49D670} - System32\Tasks\MediaPlayerEnhance-firefoxinstaller => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-firefoxinstaller.exe [2014-02-24] (Feven)
Task: {C31B8A33-439B-4924-BBDE-1CFACE1FC8CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {C36E3EE7-A60C-4E45-A014-3F1742C7ACF1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {C8200ED9-570A-443E-BA36-9E053DA420D0} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-27] ()
Task: {CDC4A4CA-601A-4551-9CBE-43150EFE1949} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D2E1B0A4-3A82-4425-90F4-83C99BA34510} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24] (Adobe Systems Incorporated)
Task: {F6332ADC-3BA4-4BBF-A504-48BC096EE7F5} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000Core.job => C:\Users\Nati\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1144517153-2922543115-1289146031-1000UA.job => C:\Users\Nati\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForNati.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-chromeinstaller.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-codedownloader.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-enabler.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-firefoxinstaller.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-updater.job => C:\Program Files (x86)\MediaPlayerEnhance\MediaPlayerEnhance-updater.exe
Task: C:\Windows\Tasks\Quark Updater.job => C:\Program Files (x86)\Quark\Quark Update\AutoUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-20 13:38 - 2014-01-26 12:38 - 00109056 _____ () C:\Users\Nati\AppData\Roaming\okitspace\protect\PluginProtect.exe
2013-11-20 13:38 - 2013-11-05 08:34 - 00029696 _____ () C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe
2012-08-10 18:19 - 2011-09-08 16:48 - 01183096 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-09-04 19:33 - 2013-09-04 19:33 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2012-02-25 15:55 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-04-15 19:16 - 2011-04-15 19:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-27 04:45 - 2011-09-27 04:45 - 00646232 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2011-05-12 14:13 - 2011-05-12 14:13 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-05-08 02:23 - 2011-05-08 02:23 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-09-01 17:27 - 2012-07-18 17:04 - 00398288 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-20 13:38 - 2013-11-20 13:38 - 00088576 _____ () C:\Users\Nati\AppData\Roaming\okitspace\protect\utilsDll.dll
2014-02-25 17:24 - 2014-02-25 17:24 - 00041984 _____ () c:\users\nati\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr6it6e.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Nati\AppData\Roaming\Dropbox\bin\libcef.dll
2011-01-17 15:19 - 2012-04-20 17:37 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-19 18:49 - 2014-02-19 18:49 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2012-03-25 00:32 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-22 19:39 - 2014-02-20 02:02 - 00051016 _____ () C:\Users\Nati\AppData\Local\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-22 19:39 - 2014-02-20 02:02 - 00716616 _____ () C:\Users\Nati\AppData\Local\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-22 19:39 - 2014-02-20 02:02 - 00100168 _____ () C:\Users\Nati\AppData\Local\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-22 19:39 - 2014-02-20 02:03 - 04060488 _____ () C:\Users\Nati\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-22 19:39 - 2014-02-20 02:03 - 00394568 _____ () C:\Users\Nati\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-22 19:39 - 2014-02-20 02:02 - 01647432 _____ () C:\Users\Nati\AppData\Local\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/25/2014 05:25:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 15.4.3555.308, Zeitstempel: 0x4f596cbb
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002dfc1
ID des fehlerhaften Prozesses: 0x1760
Startzeit der fehlerhaften Anwendung: 0xmsnmsgr.exe0
Pfad der fehlerhaften Anwendung: msnmsgr.exe1
Pfad des fehlerhaften Moduls: msnmsgr.exe2
Berichtskennung: msnmsgr.exe3
Error: (02/25/2014 05:23:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/24/2014 10:28:01 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC
Error: (02/24/2014 04:45:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/23/2014 11:52:34 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC
Error: (02/23/2014 11:52:34 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC
Error: (02/23/2014 11:52:34 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC
Error: (02/23/2014 11:52:34 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC
Error: (02/23/2014 07:04:22 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"
Error: (02/22/2014 06:55:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (02/15/2014 06:45:19 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/12/2014 08:40:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error: (02/10/2014 11:34:56 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{66138D49-003E-49E9-A037-134C1451B56C}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.
Error: (02/06/2014 10:05:17 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/06/2014 10:05:17 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Error: (02/06/2014 10:04:13 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.
Error: (02/05/2014 11:28:14 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (02/04/2014 06:54:49 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "NATASCHAWICK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{66138D49-003E-49E9-A037-134C1451B56C}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 06:13:07 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "NATASCHAWICK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{66138D49-003E-49E9-A037-134C1451B56C}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/01/2014 07:16:52 PM) (Source: Service Control Manager) (User: )
Description: Dienst "MgAssist Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 6091.86 MB
Available physical RAM: 3366.62 MB
Total Pagefile: 12181.9 MB
Available Pagefile: 8741.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:445.86 GB) (Free:318.88 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.74 GB) (Free:1.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.01 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CF92579A)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
