|
Pests of all kinds and how to fight them: Sart Quon8 blocks everything\ Windows 8 Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
14.04.2014, 14:54 | #1 |
| Sart Quon8 blocks everything\ Windows 8 Hello! Unfortunately I don't know much about computers. I wanted to download a driver for a printer, and now I can't even get onto YouTube! I would be very grateful for help, as I have to study for my exam right now... Best regards, Meike. |
14.04.2014, 15:18 | #2 |
/// the machine /// TB trainer | Sart Quon8 blocks everything\ Windows 8 hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
14.04.2014, 15:56 | #3 |
| Sart Quon8 blocks everything\ Windows 8 FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014 01 Ran by user (administrator) on NOTEBOOK on 14-04-2014 16:44:54 Running from C:\Users\user\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe (Microsoft Corporation) C:\windows\system32\WLANExt.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\windows\system32\dashost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (GridinSoft LLC.) C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Updater) C:\ProgramData\Updater\updater.exe (Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsload.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (simplitec) C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\windows\splwow64.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe (CANON INC.) 
C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe (WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe (WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe (Microsoft Corporation) C:\windows\syswow64\wwahost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe (Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe () C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe () C:\Program Files (x86)\BrowseMark\BrowseMark.FirstRun.exe () C:\Program Files (x86)\OpenIt\Open It!\openit.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [170304 2012-07-27] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [398656 2012-07-27] (Intel Corporation) HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe [440640 2012-07-27] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [Updater] => C:\ProgramData\Updater\Updater.exe [486264 2013-12-19] (Updater) HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [465408 2014-04-11] () HKLM-x32\...\Runonce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del" [X] Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [NextLive] => C:\windows\SysWOW64\rundll32.exe "C:\Users\user\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-19] (Updater) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [PC Speed Maximizer] => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\RunOnce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del" AppInit_DLLs: C:\Program Files (x86)\SupTab\SearchProtect64.dll => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-04-02] (Skytech Co., Ltd.) 
AppInit_DLLs-x32: C:\Program Files (x86)\SupTab\SearchProtect32.dll => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-04-02] (Skytech Co., Ltd.) Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49334;https=127.0.0.1:49334 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 
hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= HKLM\Software\Wow6432Node\Microsoft\Internet 
Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} SearchScopes: HKLM - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} 
SearchScopes: HKLM-x32 - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013 SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP5CA0DD16-BACC-4936-83FE-FCD1E018130C&q={searchTerms}&SSPV= SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} SearchScopes: HKCU - {84C9C423-40AA-4F27-9F91-907798BCF822} URL = 
hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=kw&q={searchTerms}&locale=&apn_ptnrs=^JQ&apn_dtid=^YYYYYY^YY^DE&apn_uid=9AB39053-BA6C-400C-BFC2-6FFA8C7C67C8&apn_sauid=AE5D254E-0A69-49A8-ADBC-44B5975CA8DF BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: HQvidPv1.1 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-bho.dll (HQvidPv1.1) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC) BHO-x32: IEiRobinHoodAddon Class - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: BrowseMark - {aeac172e-2e4b-4b92-9af6-b0cdb1acecdb} - C:\Program Files (x86)\BrowseMark\BrowseMarkbho.dll (BrowseMark) BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com) BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) 
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com) Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757 FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\user.js FF DefaultSearchEngine: qone8 FF SelectedSearchEngine: Mysearchdial FF Homepage: hxxp://start.qone8.com/?type=hppp&ts=1397486012&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @Citrix.com/npagee64,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee64.dll (Citrix Systems, Inc.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @Citrix.com/npagee,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee64.dll (Citrix Systems, Inc.) 
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\searchplugins\Mysearchdial.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qone8.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: mysearchdial.com - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\ffxtlbr@mysearchdial.com [2014-04-14] FF Extension: Yahoo! Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-04-14] FF Extension: MySearchDial NewTab - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-04-14] FF Extension: BrowseMark - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-12] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-12] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF 
Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\4qrsudvd.default-1359299008498\extensions\quick_start@gmail.com FF HKCU\...\Firefox\Extensions: [autolyrics@man-soft.net] - C:\Program Files (x86)\AutoLyrics\FF\ FF Extension: Auto Lyrics - C:\Program Files (x86)\AutoLyrics\FF\ [] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://start.qone8.com/?type=sc&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096 Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (Softonic Chrome Toolbar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-26] CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11] CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx [2013-08-02] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-04-09] CHR HKLM-x32\...\Chrome\Extension: [pkcdkfohdadbjmlfejhncigcbfkiaamf] - C:\Program Files (x86)\AutoLyrics\Chrome.crx [2013-04-23] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.) 
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies) R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation) R2 nsverctl; C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [157744 2013-07-29] (Citrix Systems, Inc) R2 Update BrowseMark; C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe [350496 2014-04-12] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation) R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-14] (Cherished Technololgy LIMITED) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R2 cag; C:\Program Files\Common Files\Deterministic 
Networks\Common Files\cag.sys [102160 2013-04-01] (Citrix Systems, Inc.)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ctxva51; C:\Windows\system32\DRIVERS\ctxva51.sys [46640 2013-07-29] (Citrix Systems, Inc.)
R1 DNE; C:\Windows\system32\DRIVERS\dnelwf64.sys [119120 2013-02-20] (Citrix Systems, Inc.)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140411.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140413.021\ENG64.SYS [126040 2013-09-27] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140413.021\EX64.SYS [2099288 2013-09-27] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-10] (Windows (R) 2003 DDK 3790 provider)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2014-02-11] (Windows (R) Win 7 DDK provider)
S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-14 16:44 - 2014-04-14 16:45 - 00033351 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-14 16:44 - 2014-04-14 16:44 - 00000000 ____D () C:\FRST
2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-04-14 16:41 - 2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer
2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-04-14 16:34 - 2014-04-14 16:35 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites
2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-14 11:42 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:42 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:04 - 2014-04-14 11:04 - 00000968 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-04-14 11:01 - 2014-04-14 11:02 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe
2014-04-14 10:20 - 2013-12-27 18:10 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\windows\system32\roboot64.exe
2014-04-14 10:19 - 2014-04-14 11:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-04-14 10:16 - 2014-04-14 10:21 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1
2014-04-14 10:09 - 2014-04-14 16:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job
2014-04-14 10:09 - 2014-04-14 16:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job
2014-04-14 10:09 - 2014-04-14 16:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job
2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3
2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4
2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1
2014-04-14 10:08 - 2014-04-14 10:09 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1
2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient
2014-04-14 10:06 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-14 10:05 - 2014-04-14 10:08 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-14 10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM
2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8
2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe
2014-04-13 11:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-13 11:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-13 11:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-13 11:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-13 11:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-13 11:38 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-13 11:38 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-13 11:38 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-13 11:38 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-13 11:38 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 11:38 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-13 11:38 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-13 11:38 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-13 11:38 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-13 11:38 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-13 11:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-13 11:36 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-13 11:35 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-13 11:34 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-13 11:34 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-13 11:34 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-13 11:34 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-13 11:34 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-13 11:34 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-13 11:34 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-13 11:34 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-09 11:31 - 2014-04-09 11:32 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp
2014-04-09 08:47 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 08:47 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 08:47 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 08:47 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1)
2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht
2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic
2014-04-03 11:50 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\windows\unvise32.exe
2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG
2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec
2014-03-30 20:09 - 2014-03-30 20:10 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk
2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor
2014-03-30 20:08 - 2014-03-30 20:20 - 00000000 ___RD () C:\Users\user\Documents\MAGIX
2014-03-30 20:07 - 2014-04-03 11:59 - 00000000 ____D () C:\ProgramData\simplitec
2014-03-30 20:07 - 2014-03-30 20:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\simplitec
2014-03-30 20:06 - 2014-03-30 20:20 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-30 19:49 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX
2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe
2014-03-30 16:35 - 2014-03-30 16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe
2014-03-26 09:08 - 2014-03-30 20:14 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe
2014-03-16 14:41 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-03-16 14:41 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-03-16 14:40 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-16 14:40 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll

==================== One Month Modified Files and Folders =======

2014-04-14 16:45 - 2014-04-14 16:44 - 00033351 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-14 16:44 - 2014-04-14 16:44 - 00000000 ____D () C:\FRST
2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-04-14 16:41 - 2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer
2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-04-14 16:35 - 2014-04-14 16:34 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites
2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe
2014-04-14 16:09 - 2014-04-14 10:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job
2014-04-14 16:09 - 2014-04-14 10:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job
2014-04-14 16:09 - 2014-04-14 10:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job
2014-04-14 16:02 - 2012-08-22 11:34 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-04-14 16:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-14 15:55 - 2013-01-31 22:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 15:51 - 2012-08-22 10:34 - 02010424 _____ () C:\windows\WindowsUpdate.log
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-14 12:11 - 2012-08-22 11:23 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-14 12:04 - 2013-08-31 11:26 - 00000000 ___RD () C:\Users\user\Dropbox
2014-04-14 12:04 - 2013-08-21 10:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-04-14 12:03 - 2014-01-10 23:34 - 00000000 ____D () C:\Users\user\AppData\Roaming\newnext.me
2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 11:42 - 2013-09-10 21:54 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-04-14 11:41 - 2012-08-05 23:07 - 00045788 _____ () C:\windows\PFRO.log
2014-04-14 11:41 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-14 11:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-14 11:30 - 2014-04-14 10:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-04-14 11:22 - 2013-02-04 10:52 - 00000000 ____D () C:\Users\user\Documents\Sport
2014-04-14 11:04 - 2014-04-14 11:04 - 00000968 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-04-14 11:02 - 2014-04-14 11:01 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe
2014-04-14 10:36 - 2014-01-12 22:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\Audacity
2014-04-14 10:21 - 2014-04-14 10:16 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1
2014-04-14 10:10 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3
2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4
2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1
2014-04-14 10:09 - 2014-04-14 10:08 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1
2014-04-14 10:08 - 2014-04-14 10:05 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient
2014-04-14 10:07 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-14 10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM
2014-04-14 10:04 - 2012-08-23 02:48 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-04-14 10:04 - 2012-08-23 02:48 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-04-14 10:04 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8
2014-04-14 10:02 - 2013-01-17 16:16 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-14 10:02 - 2012-10-24 17:34 - 00001656 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe
2014-04-13 17:18 - 2014-01-12 22:34 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-11 11:16 - 2013-09-03 14:54 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 11:10 - 2013-01-07 11:47 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 11:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-09 11:32 - 2014-04-09 11:31 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp
2014-04-09 11:31 - 2013-09-15 21:06 - 00000000 ____D () C:\windows\Minidump
2014-04-09 11:30 - 2013-09-15 21:06 - 893009178 _____ () C:\windows\MEMORY.DMP
2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1)
2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht
2014-04-03 11:59 - 2014-03-30 20:07 - 00000000 ____D () C:\ProgramData\simplitec
2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic
2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG
2014-04-01 09:10 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-31 23:18 - 2014-04-14 11:42 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-04-14 11:42 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec
2014-03-30 20:20 - 2014-03-30 20:08 - 00000000 ___RD () C:\Users\user\Documents\MAGIX
2014-03-30 20:20 - 2014-03-30 20:06 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-30 20:20 - 2014-03-30 19:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX
2014-03-30 20:14 - 2014-03-26 09:08 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-30 20:10 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk
2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor
2014-03-30 20:08 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\simplitec
2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-30 20:06 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Help
2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe
2014-03-30 16:35 - 2014-03-30 16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe
2014-03-28 12:48 - 2013-02-11 10:03 - 00000000 ____D () C:\Users\user\Documents\Ref allgemeines
2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\user\AppData\Local\Temp\1366617001itinstallerp.exe
C:\Users\user\AppData\Local\Temp\1366617002itinstallerp.exe
C:\Users\user\AppData\Local\Temp\1_Offer_6.exe
C:\Users\user\AppData\Local\Temp\228965-671337-outlook-2013.exe
C:\Users\user\AppData\Local\Temp\BackupSetup.exe
C:\Users\user\AppData\Local\Temp\COMAP.EXE
C:\Users\user\AppData\Local\Temp\ForteDependencies.exe
C:\Users\user\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\user\AppData\Local\Temp\installerp.exe
C:\Users\user\AppData\Local\Temp\instloffer.exe
C:\Users\user\AppData\Local\Temp\nsk6680.exe
C:\Users\user\AppData\Local\Temp\nsnD366.exe
C:\Users\user\AppData\Local\Temp\nsqC328.exe
C:\Users\user\AppData\Local\Temp\nst7100.exe
C:\Users\user\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\user\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\user\AppData\Local\Temp\SendMsg.dll
C:\Users\user\AppData\Local\Temp\setup{90B2A168-34E5-40DD-816D-50D9CB3CDAAD}.exe
C:\Users\user\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\user\AppData\Local\Temp\speedupmypc.exe
C:\Users\user\AppData\Local\Temp\SPSetup.exe
C:\Users\user\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite17313.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite72594.dll
C:\Users\user\AppData\Local\Temp\vbmz10.exe
C:\Users\user\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-14 11:56

==================== End Of Log ============================

--- --- ---
FRST Additions Logfile: Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 01
Ran by user at 2014-04-14 16:46:50
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Auto Lyrics (HKLM-x32\...\autolyrics@man-soft.net) (Version: - Mansoft Union) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowseMark (HKLM\...\BrowseMark) (Version: 2014.04.12.002348 - BrowseMark)
BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG6300 series Benutzerregistrierung (HKLM-x32\...\Canon MG6300 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
capella 7 (HKLM-x32\...\{3D174772-F96E-4302-9BD5-8D84288604ED}) (Version: 7.1.20 - capella software AG)
capella start 7 (HKLM-x32\...\{CAFCB29B-DDCA-4D3A-B32A-E7D3AF7F4B2E}) (Version: 7.1.20 - capella software AG)
Citrix Access Gateway Plug-in (HKLM\...\{D822223D-F82A-4B20-A6A7-56C0A3849FB1}) (Version: 10.1.119.7 - Citrix Systems, Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4415.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4415.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
Fast Flash Sleep Resume (x32 Version: 1.1.0 - Samsung) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FORTE 4 - Free Edition (HKLM-x32\...\FORTE 4 Free) (Version: 4 - Lugert Verlag)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version: - )
Free Audio Converter version 5.0.32.1230 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.17.1125 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.17.1125 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.) HQvidPv1.1 (HKLM-x32\...\HQvidPv1.1) (Version: 1.34.3.28 - HQvidPv1.1) iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden iRobinHood Partners V Addon 
(HKLM-x32\...\iRobinHood Addon) (Version: 1.3.5 - iRobinHood) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logic Fun 4.8 (HKLM-x32\...\Logic Fun 4.8) (Version: - ) MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{BB514EEA-B3EB-4713-8DD2-B76CA5619F11}) (Version: 20.0.2.35 - MAGIX AG) MAGIX Music Maker 2014 Premium (Version: 20.0.2.35 - MAGIX AG) Hidden MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{44CD9DB4-74FD-41BD-A138-AC8F279E6959}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - 
x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40820 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 16.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 16.0 (x86 de)) (Version: 16.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi 
Backup Ltd) <==== ATTENTION Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden Open It! (HKLM-x32\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions) Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) 
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.5.0 - Samsung Electronics CO., LTD.) S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.2.27 - SSW Software GmbH) Saal Design Software (x32 Version: 3.2.27 - SSW Software GmbH) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTION Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH) Softonic toolbar on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION Support Center (HKLM\...\{332518C0-0D31-4FFA-9D15-24C9C3D70B08}) (Version: 2.0.7 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{3B4E6027-AED5-4169-B030-B450E5A0F396}) (Version: 2.0.14 - Samsung Electronics CO., LTD.) 
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Trojan Killer (HKLM-x32\...\GridinSoft Trojan Killer) (Version: 2.2.2.5 - GridinSoft LLC) Update for Zip Extractor (HKCU\...\Digital Sites) (Version: - Update for Zip Extractor) <==== ATTENTION Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION User Guide (HKLM-x32\...\{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}) (Version: 1.1.00 - Samsung Electronics CO., LTD.) VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com) Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin 
(HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox) Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version: - ) <==== ATTENTION ==================== Restore Points ========================= 04-03-2014 19:16:54 Windows Update 09-03-2014 20:24:08 Windows Update 16-03-2014 11:42:00 Windows Update 30-03-2014 09:44:52 Windows Update 03-04-2014 07:38:22 Windows Update 11-04-2014 09:07:48 Windows Update 14-04-2014 08:29:27 RegClean Pro Mo, Apr 14, 14 10:29 ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0810D624-08A8-4AA7-B03F-18F8A68B9907} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {16B55B81-46E2-46EB-A377-D369A16B96F2} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-19] (Intel) Task: {179EBFA6-896F-4E76-B047-0D0D33E8C5AD} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-23] (SEC) Task: {1A5B57D2-4A4F-4C88-B7CD-9E23DDD997EC} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.) 
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {39DC11E8-4CD5-435F-884A-8FAFA36F85FE} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] () Task: {3E1B711F-0EAD-45C9-B842-B2777D84A77F} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe Task: {61086126-0CE2-4178-9A18-5BA073EBA262} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.) Task: {6C2797B9-5499-4BE3-8794-DC5D7894C7D3} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-22] (Samsung Electronics CO., LTD.) Task: {70C9BCE1-059F-40D1-85C6-997EA9DE0CFD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {94C77FE8-A294-416E-A422-80D1A8950144} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation) Task: {97034F17-0AF7-4F6B-BAE9-CF8693C0C3C7} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-04-14] () <==== ATTENTION Task: {9E99A1DA-4515-445B-87E1-AE7A12584CD5} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4 => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-4.exe Task: {A13DEE6B-5C9D-44B7-905E-B6B00F35D924} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {AA979738-6FE0-439D-BE98-AE2B9D7B6D0F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated) Task: {B04E7120-62A4-49AB-B0F6-555D61B39F37} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3 => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-3.exe Task: {B12D653B-A466-48DF-AE3C-918403201574} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1 => C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-codedownloader.exe Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {CADEA582-53F7-4769-9871-783BDA930BF0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {CF2ED087-19F4-411A-8C48-F50B4C0E7D00} - 
System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-08-10] (Samsung) Task: {E8E9ED25-423E-4ED7-A8C8-7D56CD754912} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {F403B5E3-EF39-44CE-B42B-61F435A9E651} - System32\Tasks\DealPly => C:\Users\user\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe <==== ATTENTION Task: {F6E1B828-B41B-4C3C-B497-6B18F115D98C} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {F9D5844E-1DF0-433B-8914-44A27A098EF4} - System32\Tasks\Digital Sites => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job => C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-codedownloader.exe Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-3.exe Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-4.exe Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\Digital Sites.job => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC 
Backup\x64\System.Data.SQLite.dll 2013-01-17 18:13 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2012-07-30 08:41 - 2012-07-25 05:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll 2014-04-03 17:00 - 2014-04-11 23:04 - 00465408 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe 2012-07-24 05:06 - 2012-07-24 05:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2014-04-12 02:33 - 2014-04-12 02:33 - 00350496 _____ () C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe 2014-04-14 16:35 - 2014-04-12 02:33 - 01122592 _____ () C:\Program Files (x86)\BrowseMark\BrowseMark.FirstRun.exe 2013-04-09 00:19 - 2013-04-09 00:19 - 01143296 _____ () C:\Program Files (x86)\OpenIt\Open It!\openit.exe 2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-08-22 11:11 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-06-08 09:46 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2012-08-22 11:32 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files 
(x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libcef.dll 2011-08-15 13:12 - 2011-08-15 13:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2012-06-14 04:57 - 2012-06-14 04:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-15 13:12 - 2011-08-15 13:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-15 13:15 - 2011-08-15 13:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 09:41 - 2011-08-17 09:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-17 09:48 - 2011-08-17 09:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-17 09:48 - 2011-08-17 09:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 12:23 - 2011-08-15 12:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2012-06-14 04:56 - 2012-06-14 04:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-06-14 05:06 - 2012-06-14 05:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-06-14 04:55 - 2012-06-14 04:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2012-08-10 17:50 - 2012-08-10 17:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll 2011-07-19 09:05 - 
2011-07-19 09:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-15 13:17 - 2011-08-15 13:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-19 09:04 - 2011-07-19 09:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2013-03-27 23:50 - 2013-03-27 23:50 - 00020480 _____ () C:\Program Files (x86)\OpenIt\Open It!\libgcc_s_dw2-1.dll 2011-12-02 02:30 - 2011-12-02 02:30 - 00979982 _____ () C:\Program Files (x86)\OpenIt\Open It!\libstdc++-6.dll 2013-03-27 23:50 - 2013-03-27 23:50 - 00009826 _____ () C:\Program Files (x86)\OpenIt\Open It!\mingwm10.dll 2014-01-10 23:45 - 2012-10-06 04:14 - 02294240 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/14/2014 00:10:20 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x50376629 Name des fehlerhaften Moduls: EasySettingsBase.dll, Version: 0.0.0.0, Zeitstempel: 0x5039da3f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001610 ID des fehlerhaften Prozesses: 
0xfd4 Startzeit der fehlerhaften Anwendung: 0xEasySettingsCmdServer.exe0 Pfad der fehlerhaften Anwendung: EasySettingsCmdServer.exe1 Pfad des fehlerhaften Moduls: EasySettingsCmdServer.exe2 Berichtskennung: EasySettingsCmdServer.exe3 Vollständiger Name des fehlerhaften Pakets: EasySettingsCmdServer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EasySettingsCmdServer.exe5 Error: (04/14/2014 00:08:35 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Ausnahmecode: 0x40000015 Fehleroffset: 0x0000000000183835 ID des fehlerhaften Prozesses: 0x1604 Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0 Pfad der fehlerhaften Anwendung: CommonAgent.exe1 Pfad des fehlerhaften Moduls: CommonAgent.exe2 Berichtskennung: CommonAgent.exe3 Vollständiger Name des fehlerhaften Pakets: CommonAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5 Error: (04/14/2014 00:08:27 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Ausnahmecode: 0x40000015 Fehleroffset: 0x0000000000183835 ID des fehlerhaften Prozesses: 0xe2c Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0 Pfad der fehlerhaften Anwendung: CommonAgent.exe1 Pfad des fehlerhaften Moduls: CommonAgent.exe2 Berichtskennung: CommonAgent.exe3 Vollständiger Name des fehlerhaften Pakets: CommonAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5 Error: (04/14/2014 10:02:51 AM) (Source: Application Hang) (User: ) Description: Programm firefox.exe, Version 16.0.0.4661 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 6a40 Startzeit: 01cf57b7cabd609d Endzeit: 39 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: 1c5915c7-c3ab-11e3-becd-c48508dd16c9 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (04/14/2014 10:05:12 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Search Protect by Conduit Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/10/2014 05:43:24 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/10/2014 04:34:05 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/10/2014 04:33:57 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/10/2014 04:33:47 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/09/2014 11:34:32 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (04/09/2014 11:32:40 AM) (Source: BugCheck) (User: ) Description: 0x0000007a (0xfffff6fc50003198, 0xffffffffc000000e, 0x00000000a303d880, 0xfffff8a000633ca4)C:\windows\MEMORY.DMP040914-58156-01 Error: (04/09/2014 11:31:43 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 09.04.2014 um 11:20:40 unerwartet heruntergefahren. Error: (04/09/2014 08:42:25 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Error: (04/09/2014 08:41:55 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Microsoft Office Sessions: ========================= Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/14/2014 00:10:20 PM) (Source: Application Error)(User: ) Description: EasySettingsCmdServer.exe0.0.0.050376629EasySettingsBase.dll0.0.0.05039da3fc000000500001610fd401cf57c8be3282d7C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exeC:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dllfbcf5c6b-c3bc-11e3-bece-c48508dd16c9 Error: (04/14/2014 00:08:35 PM) (Source: Application Error)(User: ) Description: CommonAgent.exe1.0.7.5502ddd20CommonAgent.exe1.0.7.5502ddd20400000150000000000183835160401cf57c97f33d7aeC:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exebd3e32fc-c3bc-11e3-bece-c48508dd16c9 Error: (04/14/2014 00:08:27 PM) (Source: Application Error)(User: ) Description: 
CommonAgent.exe1.0.7.5502ddd20CommonAgent.exe1.0.7.5502ddd20400000150000000000183835e2c01cf57c8e341a846C:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exeb8187721-c3bc-11e3-bece-c48508dd16c9 Error: (04/14/2014 10:02:51 AM) (Source: Application Hang)(User: ) Description: firefox.exe16.0.0.46616a4001cf57b7cabd609d39C:\Program Files (x86)\Mozilla Firefox\firefox.exe1c5915c7-c3ab-11e3-becd-c48508dd16c9 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second ==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 7893.53 MB Available physical RAM: 4773.18 MB Total Pagefile: 15829.53 MB Available Pagefile: 12823.79 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:440.18 GB) (Free:340.35 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 029B5B55) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 22 GB) (Disk ID: 2D572FD1) Partition: GPT Partition Type. ==================== End Of Log ============================ |
14.04.2014, 18:51 | #4 |
| Sart Quon8 blocks everything\ Windows 8 FRST Additions Logfile: Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 01
Ran by user at 2014-04-14 16:46:50
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) Auto Lyrics (HKLM-x32\...\autolyrics@man-soft.net) (Version: - Mansoft Union) <==== ATTENTION Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BrowseMark (HKLM\...\BrowseMark) (Version: 2014.04.12.002348 - BrowseMark) BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - ) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.) Canon MG6300 series Benutzerregistrierung (HKLM-x32\...\Canon MG6300 series Benutzerregistrierung) (Version: - Canon Inc.) Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.) Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) 
capella 7 (HKLM-x32\...\{3D174772-F96E-4302-9BD5-8D84288604ED}) (Version: 7.1.20 - capella software AG) capella start 7 (HKLM-x32\...\{CAFCB29B-DDCA-4D3A-B32A-E7D3AF7F4B2E}) (Version: 7.1.20 - capella software AG) Citrix Access Gateway Plug-in (HKLM\...\{D822223D-F82A-4B20-A6A7-56C0A3849FB1}) (Version: 10.1.119.7 - Citrix Systems, Inc.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4415.02 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.4415.02 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.) ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies) Fast Flash Sleep Resume (x32 Version: 1.1.0 - Samsung) Hidden Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FORTE 4 - Free Edition (HKLM-x32\...\FORTE 4 Free) (Version: 4 - Lugert Verlag) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version: - ) Free Audio Converter version 5.0.32.1230 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.) Free YouTube Download version 3.2.17.1125 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.17.1125 - DVDVideoSoft Ltd.) 
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.) HQvidPv1.1 (HKLM-x32\...\HQvidPv1.1) (Version: 1.34.3.28 - HQvidPv1.1) iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden iRobinHood Partners V Addon 
(HKLM-x32\...\iRobinHood Addon) (Version: 1.3.5 - iRobinHood) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Logic Fun 4.8 (HKLM-x32\...\Logic Fun 4.8) (Version: - ) MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{BB514EEA-B3EB-4713-8DD2-B76CA5619F11}) (Version: 20.0.2.35 - MAGIX AG) MAGIX Music Maker 2014 Premium (Version: 20.0.2.35 - MAGIX AG) Hidden MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{44CD9DB4-74FD-41BD-A138-AC8F279E6959}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - 
x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40820 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 16.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 16.0 (x86 de)) (Version: 16.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi 
Backup Ltd) <==== ATTENTION Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden Open It! (HKLM-x32\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions) Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) 
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.5.0 - Samsung Electronics CO., LTD.) S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.2.27 - SSW Software GmbH) Saal Design Software (x32 Version: 3.2.27 - SSW Software GmbH) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTION Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH) Softonic toolbar on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION Support Center (HKLM\...\{332518C0-0D31-4FFA-9D15-24C9C3D70B08}) (Version: 2.0.7 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{3B4E6027-AED5-4169-B030-B450E5A0F396}) (Version: 2.0.14 - Samsung Electronics CO., LTD.) 
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Trojan Killer (HKLM-x32\...\GridinSoft Trojan Killer) (Version: 2.2.2.5 - GridinSoft LLC) Update for Zip Extractor (HKCU\...\Digital Sites) (Version: - Update for Zip Extractor) <==== ATTENTION Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION User Guide (HKLM-x32\...\{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}) (Version: 1.1.00 - Samsung Electronics CO., LTD.) VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com) Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin 
(HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox) Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version: - ) <==== ATTENTION ==================== Restore Points ========================= 04-03-2014 19:16:54 Windows Update 09-03-2014 20:24:08 Windows Update 16-03-2014 11:42:00 Windows Update 30-03-2014 09:44:52 Windows Update 03-04-2014 07:38:22 Windows Update 11-04-2014 09:07:48 Windows Update 14-04-2014 08:29:27 RegClean Pro Mo, Apr 14, 14 10:29 ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0810D624-08A8-4AA7-B03F-18F8A68B9907} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {16B55B81-46E2-46EB-A377-D369A16B96F2} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-19] (Intel) Task: {179EBFA6-896F-4E76-B047-0D0D33E8C5AD} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-23] (SEC) Task: {1A5B57D2-4A4F-4C88-B7CD-9E23DDD997EC} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.) 
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {39DC11E8-4CD5-435F-884A-8FAFA36F85FE} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] () Task: {3E1B711F-0EAD-45C9-B842-B2777D84A77F} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe Task: {61086126-0CE2-4178-9A18-5BA073EBA262} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.) Task: {6C2797B9-5499-4BE3-8794-DC5D7894C7D3} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-22] (Samsung Electronics CO., LTD.) Task: {70C9BCE1-059F-40D1-85C6-997EA9DE0CFD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {94C77FE8-A294-416E-A422-80D1A8950144} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation) Task: {97034F17-0AF7-4F6B-BAE9-CF8693C0C3C7} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-04-14] () <==== ATTENTION Task: {9E99A1DA-4515-445B-87E1-AE7A12584CD5} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4 => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-4.exe Task: {A13DEE6B-5C9D-44B7-905E-B6B00F35D924} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {AA979738-6FE0-439D-BE98-AE2B9D7B6D0F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated) Task: {B04E7120-62A4-49AB-B0F6-555D61B39F37} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3 => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-3.exe Task: {B12D653B-A466-48DF-AE3C-918403201574} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1 => C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-codedownloader.exe Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {CADEA582-53F7-4769-9871-783BDA930BF0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {CF2ED087-19F4-411A-8C48-F50B4C0E7D00} - 
System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-08-10] (Samsung) Task: {E8E9ED25-423E-4ED7-A8C8-7D56CD754912} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {F403B5E3-EF39-44CE-B42B-61F435A9E651} - System32\Tasks\DealPly => C:\Users\user\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe <==== ATTENTION Task: {F6E1B828-B41B-4C3C-B497-6B18F115D98C} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {F9D5844E-1DF0-433B-8914-44A27A098EF4} - System32\Tasks\Digital Sites => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job => C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-codedownloader.exe Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-3.exe Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-4.exe Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\Digital Sites.job => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC 
Backup\x64\System.Data.SQLite.dll 2013-01-17 18:13 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2012-07-30 08:41 - 2012-07-25 05:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll 2014-04-03 17:00 - 2014-04-11 23:04 - 00465408 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe 2012-07-24 05:06 - 2012-07-24 05:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2014-04-12 02:33 - 2014-04-12 02:33 - 00350496 _____ () C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe 2014-04-14 16:35 - 2014-04-12 02:33 - 01122592 _____ () C:\Program Files (x86)\BrowseMark\BrowseMark.FirstRun.exe 2013-04-09 00:19 - 2013-04-09 00:19 - 01143296 _____ () C:\Program Files (x86)\OpenIt\Open It!\openit.exe 2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-08-22 11:11 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-06-08 09:46 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2012-08-26 11:48 - 2012-08-26 11:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2012-08-22 11:32 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files 
(x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libcef.dll 2011-08-15 13:12 - 2011-08-15 13:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2012-06-14 04:57 - 2012-06-14 04:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-15 13:12 - 2011-08-15 13:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-15 13:15 - 2011-08-15 13:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 09:41 - 2011-08-17 09:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-17 09:48 - 2011-08-17 09:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-17 09:48 - 2011-08-17 09:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 12:23 - 2011-08-15 12:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2012-06-14 04:56 - 2012-06-14 04:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-06-14 05:06 - 2012-06-14 05:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-06-14 04:55 - 2012-06-14 04:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2012-08-10 17:50 - 2012-08-10 17:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll 2011-07-19 09:05 - 
2011-07-19 09:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-15 13:17 - 2011-08-15 13:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-19 09:04 - 2011-07-19 09:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2013-03-27 23:50 - 2013-03-27 23:50 - 00020480 _____ () C:\Program Files (x86)\OpenIt\Open It!\libgcc_s_dw2-1.dll 2011-12-02 02:30 - 2011-12-02 02:30 - 00979982 _____ () C:\Program Files (x86)\OpenIt\Open It!\libstdc++-6.dll 2013-03-27 23:50 - 2013-03-27 23:50 - 00009826 _____ () C:\Program Files (x86)\OpenIt\Open It!\mingwm10.dll 2014-01-10 23:45 - 2012-10-06 04:14 - 02294240 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/14/2014 00:10:20 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x50376629 Name des fehlerhaften Moduls: EasySettingsBase.dll, Version: 0.0.0.0, Zeitstempel: 0x5039da3f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001610 ID des fehlerhaften Prozesses: 
0xfd4 Startzeit der fehlerhaften Anwendung: 0xEasySettingsCmdServer.exe0 Pfad der fehlerhaften Anwendung: EasySettingsCmdServer.exe1 Pfad des fehlerhaften Moduls: EasySettingsCmdServer.exe2 Berichtskennung: EasySettingsCmdServer.exe3 Vollständiger Name des fehlerhaften Pakets: EasySettingsCmdServer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EasySettingsCmdServer.exe5 Error: (04/14/2014 00:08:35 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Ausnahmecode: 0x40000015 Fehleroffset: 0x0000000000183835 ID des fehlerhaften Prozesses: 0x1604 Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0 Pfad der fehlerhaften Anwendung: CommonAgent.exe1 Pfad des fehlerhaften Moduls: CommonAgent.exe2 Berichtskennung: CommonAgent.exe3 Vollständiger Name des fehlerhaften Pakets: CommonAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5 Error: (04/14/2014 00:08:27 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Ausnahmecode: 0x40000015 Fehleroffset: 0x0000000000183835 ID des fehlerhaften Prozesses: 0xe2c Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0 Pfad der fehlerhaften Anwendung: CommonAgent.exe1 Pfad des fehlerhaften Moduls: CommonAgent.exe2 Berichtskennung: CommonAgent.exe3 Vollständiger Name des fehlerhaften Pakets: CommonAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5 Error: (04/14/2014 10:02:51 AM) (Source: Application Hang) (User: ) Description: Programm firefox.exe, Version 16.0.0.4661 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 6a40 Startzeit: 01cf57b7cabd609d Endzeit: 39 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: 1c5915c7-c3ab-11e3-becd-c48508dd16c9 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (04/14/2014 10:05:12 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Search Protect by Conduit Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/10/2014 05:43:24 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/10/2014 04:34:05 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/10/2014 04:33:57 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/10/2014 04:33:47 PM) (Source: cdrom) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom0. Error: (04/09/2014 11:34:32 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (04/09/2014 11:32:40 AM) (Source: BugCheck) (User: ) Description: 0x0000007a (0xfffff6fc50003198, 0xffffffffc000000e, 0x00000000a303d880, 0xfffff8a000633ca4)C:\windows\MEMORY.DMP040914-58156-01 Error: (04/09/2014 11:31:43 AM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 09.04.2014 um 11:20:40 unerwartet heruntergefahren. Error: (04/09/2014 08:42:25 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Error: (04/09/2014 08:41:55 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Microsoft Office Sessions: ========================= Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2500 Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/14/2014 00:10:20 PM) (Source: Application Error)(User: ) Description: EasySettingsCmdServer.exe0.0.0.050376629EasySettingsBase.dll0.0.0.05039da3fc000000500001610fd401cf57c8be3282d7C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exeC:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dllfbcf5c6b-c3bc-11e3-bece-c48508dd16c9 Error: (04/14/2014 00:08:35 PM) (Source: Application Error)(User: ) Description: CommonAgent.exe1.0.7.5502ddd20CommonAgent.exe1.0.7.5502ddd20400000150000000000183835160401cf57c97f33d7aeC:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exebd3e32fc-c3bc-11e3-bece-c48508dd16c9 Error: (04/14/2014 00:08:27 PM) (Source: Application Error)(User: ) Description: 
CommonAgent.exe1.0.7.5502ddd20CommonAgent.exe1.0.7.5502ddd20400000150000000000183835e2c01cf57c8e341a846C:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exeb8187721-c3bc-11e3-bece-c48508dd16c9 Error: (04/14/2014 10:02:51 AM) (Source: Application Hang)(User: ) Description: firefox.exe16.0.0.46616a4001cf57b7cabd609d39C:\Program Files (x86)\Mozilla Firefox\firefox.exe1c5915c7-c3ab-11e3-becd-c48508dd16c9 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 49541359 Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second ==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 7893.53 MB Available physical RAM: 4773.18 MB Total Pagefile: 15829.53 MB Available Pagefile: 12823.79 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:440.18 GB) (Free:340.35 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 029B5B55) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 22 GB) (Disk ID: 2D572FD1) Partition: GPT Partition Type. ==================== End Of Log ============================
Hello! I have just seen what I wrote in the title earlier, in all my haste and desperation... It is of course Start Qone8! I can't even get into my gmx mailbox any more. I have never had anything like this before! I hope something can be done about it, because I am not particularly well versed when it comes to computers.
I got this web address recommended by my brother-in-law and am now hoping for the best. Contrary to expectations, the part with the log files has already worked. Thank you very, very much in advance!! Regards, meike. |
15.04.2014, 13:58 | #5 |
/// the machine /// TB-Ausbilder | Sart Quon8 blocks everything\ Windows 8 hi Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49334;https=127.0.0.1:49334
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Revo Uninstaller - Download - Filepony Use it to uninstall everything you find in Additional.txt marked with <== ATTENTION. Also let Revo remove the leftovers in Moderate mode. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
15.04.2014, 14:49 | #6 |
| Sart Quon8 blocks everything\ Windows 8 FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014 Ran by user (administrator) on NOTEBOOK on 15-04-2014 15:45:16 Running from C:\Users\user\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe (Microsoft Corporation) C:\windows\system32\WLANExt.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\windows\system32\dashost.exe (Samsung Electronics CO., LTD.) 
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Updater) C:\ProgramData\Updater\updater.exe (Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsload.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) 
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\windows\splwow64.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe (CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe (WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe (WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe (Microsoft Corporation) C:\windows\syswow64\wwahost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe (Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe (Microsoft Corporation) C:\windows\syswow64\wwahost.exe (Microsoft Corporation) C:\windows\syswow64\wwahost.exe () C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe () C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 
11.0\Reader\AcroRd32.exe (Microsoft Corporation) C:\windows\syswow64\wwahost.exe (Microsoft Corporation) C:\windows\syswow64\wwahost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Farbar) C:\Users\user\Downloads\FRST64(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [170304 2012-07-27] (Intel Corporation) HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [398656 2012-07-27] (Intel Corporation) HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe [440640 2012-07-27] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) 
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) 
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [Updater] => C:\ProgramData\Updater\Updater.exe [486264 2013-12-19] (Updater) HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [465408 2014-04-11] () HKLM-x32\...\Runonce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del" [X] Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [NextLive] => C:\windows\SysWOW64\rundll32.exe "C:\Users\user\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-19] (Updater) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [PC Speed Maximizer] => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions) HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\RunOnce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del" AppInit_DLLs: C:\Program Files (x86)\SupTab\SearchProtect64.dll => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-04-02] (Skytech Co., Ltd.) AppInit_DLLs-x32: C:\Program Files (x86)\SupTab\SearchProtect32.dll => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-04-02] (Skytech Co., Ltd.) 
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:49334;https=127.0.0.1:49334 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qone8 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qone8 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qone8 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe Qone8 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} SearchScopes: HKLM - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} SearchScopes: HKLM-x32 - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013 SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP5CA0DD16-BACC-4936-83FE-FCD1E018130C&q={searchTerms}&SSPV= SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir= SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms} SearchScopes: HKCU - {84C9C423-40AA-4F27-9F91-907798BCF822} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=kw&q={searchTerms}&locale=&apn_ptnrs=^JQ&apn_dtid=^YYYYYY^YY^DE&apn_uid=9AB39053-BA6C-400C-BFC2-6FFA8C7C67C8&apn_sauid=AE5D254E-0A69-49A8-ADBC-44B5975CA8DF BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: HQvidPv1.1 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-bho.dll (HQvidPv1.1) BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC) BHO-x32: IEiRobinHoodAddon Class - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: BrowseMark - {aeac172e-2e4b-4b92-9af6-b0cdb1acecdb} - C:\Program Files (x86)\BrowseMark\BrowseMarkbho.dll (BrowseMark) BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com) BHO-x32: DVDVideoSoft IE Extension - 
{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial) Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com) Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial) FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757 FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\user.js FF DefaultSearchEngine: qone8 FF SelectedSearchEngine: Google FF Homepage: hxxp://start.qone8.com/?type=hppp&ts=1397486012&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @Citrix.com/npagee64,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee64.dll (Citrix Systems, Inc.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) 
FF Plugin-x32: @Citrix.com/npagee,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee64.dll (Citrix Systems, Inc.) 
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\searchplugins\Mysearchdial.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qone8.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: mysearchdial.com - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\ffxtlbr@mysearchdial.com [2014-04-14] FF Extension: Yahoo! Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-04-14] FF Extension: MySearchDial - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-04-15] FF Extension: BrowseMark - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-12] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-12] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF 
Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\4qrsudvd.default-1359299008498\extensions\quick_start@gmail.com FF HKCU\...\Firefox\Extensions: [autolyrics@man-soft.net] - C:\Program Files (x86)\AutoLyrics\FF\ FF Extension: Auto Lyrics - C:\Program Files (x86)\AutoLyrics\FF\ [] FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qone8 Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (Softonic Chrome Toolbar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-26] CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11] CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx [2013-08-02] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-04-09] CHR HKLM-x32\...\Chrome\Extension: [pkcdkfohdadbjmlfejhncigcbfkiaamf] - C:\Program Files (x86)\AutoLyrics\Chrome.crx [2013-04-23] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.) 
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies) R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation) R2 nsverctl; C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [157744 2013-07-29] (Citrix Systems, Inc) R2 Update BrowseMark; C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe [350496 2014-04-15] () R2 Util BrowseMark; C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe [350496 2014-04-15] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation) R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-14] (Cherished Technololgy LIMITED) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys 
[202752 2012-07-26] (Microsoft Corporation) R2 cag; C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys [102160 2013-04-01] (Citrix Systems, Inc.) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 ctxva51; C:\Windows\system32\DRIVERS\ctxva51.sys [46640 2013-07-29] (Citrix Systems, Inc.) R1 DNE; C:\Windows\system32\DRIVERS\dnelwf64.sys [119120 2013-02-20] (Citrix Systems, Inc.) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140414.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation) R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140414.032\ENG64.SYS [126040 2014-04-14] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140414.032\EX64.SYS [2099288 2014-04-14] (Symantec Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 rtport; 
C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-10] (Windows (R) 2003 DDK 3790 provider) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation) R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation) R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation) R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-14] (StdLib) S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-15 15:45 - 2014-04-15 15:45 - 00033791 _____ () C:\Users\user\Downloads\FRST.txt 2014-04-15 15:44 - 2014-04-15 15:44 - 02054144 _____ (Farbar) C:\Users\user\Downloads\FRST64(1).exe 2014-04-15 15:41 - 2014-04-15 15:41 - 00000116 _____ () C:\Users\user\Desktop\Fixlist.txt 2014-04-14 19:34 - 2014-04-14 19:34 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys 2014-04-14 19:33 - 2014-04-15 12:03 - 00000061 _____ () C:\Users\user\AppData\Roaming\WB.CFG 2014-04-14 16:46 - 2014-04-14 16:48 - 00037579 _____ () C:\Users\user\Downloads\Addition.txt 2014-04-14 16:44 - 2014-04-14 16:48 - 00000000 ____D () C:\FRST 2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2014-04-14 16:41 - 
2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe 2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer 2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer 2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B 2014-04-14 16:34 - 2014-04-14 17:48 - 00000000 ____D () C:\Program Files (x86)\BrowseMark 2014-04-14 16:33 - 2014-04-15 14:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job 2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites 2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk 2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\OpenIt 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial 2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe 2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync 2014-04-14 11:42 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-04-14 11:42 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft 2014-04-14 11:01 - 2014-04-14 11:02 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe 2014-04-14 10:20 - 2013-12-27 18:10 - 00020312 
_____ (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) C:\windows\system32\roboot64.exe 2014-04-14 10:19 - 2014-04-14 11:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak 2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk 2014-04-14 10:16 - 2014-04-14 10:21 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk 2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong 2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1 2014-04-14 10:09 - 2014-04-15 10:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job 2014-04-14 10:09 - 2014-04-15 10:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job 2014-04-14 10:09 - 2014-04-15 10:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job 2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3 2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4 2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1 2014-04-14 10:08 - 2014-04-14 10:09 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1 2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient 2014-04-14 10:06 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe 2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk 2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create 
Amazing Presentations.lnk 2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze 2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee 2014-04-14 10:05 - 2014-04-14 10:08 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task 2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab 2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard 2014-04-14 10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM 2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8 2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe 2014-04-13 11:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-04-13 11:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2014-04-13 11:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-04-13 11:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-04-13 11:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-04-13 11:38 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-04-13 11:38 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2014-04-13 11:38 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2014-04-13 11:38 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe 2014-04-13 11:38 - 2014-01-31 02:48 
- 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll 2014-04-13 11:38 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll 2014-04-13 11:38 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll 2014-04-13 11:38 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-04-13 11:38 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll 2014-04-13 11:38 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll 2014-04-13 11:38 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-04-13 11:38 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml 2014-04-13 11:38 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2014-04-13 11:38 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-04-13 11:38 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll 2014-04-13 11:38 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll 2014-04-13 11:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-04-13 11:36 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-04-13 11:36 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-04-13 11:36 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-04-13 11:36 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-04-13 11:35 - 2014-03-07 02:47 - 14357504 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\mshtml.dll 2014-04-13 11:35 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-04-13 11:35 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-04-13 11:35 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-04-13 11:34 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-04-13 11:34 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-04-13 11:34 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-04-13 11:34 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-04-13 11:34 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-04-13 11:34 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-04-13 11:34 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-04-13 11:34 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-04-13 11:34 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-04-13 11:34 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-04-13 11:34 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-04-13 11:34 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-04-13 11:34 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-04-13 11:34 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-04-13 11:34 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) 
C:\windows\system32\iernonce.dll 2014-04-13 11:34 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-04-09 11:31 - 2014-04-09 11:32 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp 2014-04-09 08:47 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2014-04-09 08:47 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-04-09 08:47 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2014-04-09 08:47 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1) 2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht 2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic 2014-04-03 11:50 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\windows\unvise32.exe 2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG 2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec 2014-03-30 20:09 - 2014-03-30 20:10 - 00000000 ____D () C:\Users\Public\Documents\MAGIX 2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk 2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor 2014-03-30 20:08 - 2014-03-30 20:20 - 00000000 ___RD () C:\Users\user\Documents\MAGIX 2014-03-30 20:07 - 2014-04-03 11:59 - 00000000 ____D () C:\ProgramData\simplitec 2014-03-30 20:07 - 2014-03-30 20:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk 2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files 
(x86)\simplitec 2014-03-30 20:06 - 2014-03-30 20:20 - 00000000 ____D () C:\ProgramData\MAGIX 2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-03-30 19:49 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX 2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe 2014-03-30 16:35 - 2014-03-30 16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe 2014-03-26 09:08 - 2014-03-30 20:14 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT 2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe 2014-03-16 14:41 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys 2014-03-16 14:41 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys 2014-03-16 14:40 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2014-03-16 14:40 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll ==================== One Month Modified Files and Folders ======= 2014-04-15 15:45 - 2014-04-15 15:45 - 00033791 _____ () C:\Users\user\Downloads\FRST.txt 2014-04-15 15:45 - 2014-04-14 16:44 - 00000000 ____D () C:\FRST 2014-04-15 15:44 - 2014-04-15 15:44 - 02054144 _____ (Farbar) C:\Users\user\Downloads\FRST64(1).exe 2014-04-15 15:41 - 2014-04-15 15:41 - 00000116 _____ () C:\Users\user\Desktop\Fixlist.txt 2014-04-15 15:02 - 2012-08-22 11:34 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job 2014-04-15 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru 2014-04-15 14:55 - 2013-01-31 22:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-04-15 14:33 - 2014-04-14 16:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job 2014-04-15 12:03 - 2014-04-14 19:33 - 
00000061 _____ () C:\Users\user\AppData\Roaming\WB.CFG 2014-04-15 11:26 - 2012-08-22 10:34 - 02066640 _____ () C:\windows\WindowsUpdate.log 2014-04-15 10:39 - 2013-02-04 10:52 - 00000000 ____D () C:\Users\user\Documents\Sport 2014-04-15 10:09 - 2014-04-14 10:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job 2014-04-15 10:09 - 2014-04-14 10:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job 2014-04-15 10:09 - 2014-04-14 10:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job 2014-04-14 19:34 - 2014-04-14 19:34 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys 2014-04-14 17:48 - 2014-04-14 16:34 - 00000000 ____D () C:\Program Files (x86)\BrowseMark 2014-04-14 16:48 - 2014-04-14 16:46 - 00037579 _____ () C:\Users\user\Downloads\Addition.txt 2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2014-04-14 16:41 - 2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe 2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer 2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer 2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B 2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites 2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk 2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () 
C:\Program Files (x86)\OpenIt 2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial 2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe 2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync 2014-04-14 12:11 - 2012-08-22 11:23 - 00000000 ____D () C:\ProgramData\WinClon 2014-04-14 12:04 - 2013-08-31 11:26 - 00000000 ___RD () C:\Users\user\Dropbox 2014-04-14 12:04 - 2013-08-21 10:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox 2014-04-14 12:03 - 2014-01-10 23:34 - 00000000 ____D () C:\Users\user\AppData\Roaming\newnext.me 2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-04-14 11:42 - 2013-09-10 21:54 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup 2014-04-14 11:41 - 2012-08-05 23:07 - 00045788 _____ () C:\windows\PFRO.log 2014-04-14 11:41 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-04-14 11:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI 2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData 2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore 2014-04-14 11:30 - 2014-04-14 10:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak 2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft 2014-04-14 11:02 - 2014-04-14 11:01 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe 2014-04-14 10:36 - 2014-01-12 22:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\Audacity 2014-04-14 10:21 - 2014-04-14 10:16 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk 2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk 
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong 2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1 2014-04-14 10:10 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3 2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4 2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1 2014-04-14 10:09 - 2014-04-14 10:08 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1 2014-04-14 10:08 - 2014-04-14 10:05 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient 2014-04-14 10:07 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe 2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk 2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk 2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze 2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee 2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task 2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab 2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard 2014-04-14 
10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM 2014-04-14 10:04 - 2012-08-23 02:48 - 00753134 _____ () C:\windows\system32\perfh007.dat 2014-04-14 10:04 - 2012-08-23 02:48 - 00155826 _____ () C:\windows\system32\perfc007.dat 2014-04-14 10:04 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI 2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8 2014-04-14 10:02 - 2013-01-17 16:16 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-04-14 10:02 - 2012-10-24 17:34 - 00001656 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe 2014-04-13 17:18 - 2014-01-12 22:34 - 00000000 ____D () C:\Program Files (x86)\SearchProtect 2014-04-11 11:16 - 2013-09-03 14:54 - 00000000 ____D () C:\windows\system32\MRT 2014-04-11 11:10 - 2013-01-07 11:47 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-04-09 11:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM 2014-04-09 11:32 - 2014-04-09 11:31 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp 2014-04-09 11:31 - 2013-09-15 21:06 - 00000000 ____D () C:\windows\Minidump 2014-04-09 11:30 - 2013-09-15 21:06 - 893009178 _____ () C:\windows\MEMORY.DMP 2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1) 2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht 2014-04-03 11:59 - 2014-03-30 20:07 - 00000000 ____D () C:\ProgramData\simplitec 2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic 2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG 2014-04-01 09:10 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent 2014-03-31 23:18 - 2014-04-14 11:42 - 00694232 
_____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-03-31 23:18 - 2014-04-14 11:42 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec 2014-03-30 20:20 - 2014-03-30 20:08 - 00000000 ___RD () C:\Users\user\Documents\MAGIX 2014-03-30 20:20 - 2014-03-30 20:06 - 00000000 ____D () C:\ProgramData\MAGIX 2014-03-30 20:20 - 2014-03-30 19:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX 2014-03-30 20:14 - 2014-03-26 09:08 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT 2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender 2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-03-30 20:10 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX 2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk 2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor 2014-03-30 20:08 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\MAGIX 2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk 2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\simplitec 2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-03-30 20:06 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Help 2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe 2014-03-30 16:35 - 2014-03-30 
16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe 2014-03-28 12:48 - 2013-02-11 10:03 - 00000000 ____D () C:\Users\user\Documents\Ref allgemeines 2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe Some content of TEMP: ==================== C:\Users\Gast\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe C:\Users\user\AppData\Local\Temp\1366617001itinstallerp.exe C:\Users\user\AppData\Local\Temp\1366617002itinstallerp.exe C:\Users\user\AppData\Local\Temp\1_Offer_6.exe C:\Users\user\AppData\Local\Temp\228965-671337-outlook-2013.exe C:\Users\user\AppData\Local\Temp\BackupSetup.exe C:\Users\user\AppData\Local\Temp\COMAP.EXE C:\Users\user\AppData\Local\Temp\ForteDependencies.exe C:\Users\user\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe C:\Users\user\AppData\Local\Temp\installerp.exe C:\Users\user\AppData\Local\Temp\instloffer.exe C:\Users\user\AppData\Local\Temp\nsk6680.exe C:\Users\user\AppData\Local\Temp\nsnD366.exe C:\Users\user\AppData\Local\Temp\nsqC328.exe C:\Users\user\AppData\Local\Temp\nst7100.exe C:\Users\user\AppData\Local\Temp\Optimizer_Pro.exe C:\Users\user\AppData\Local\Temp\SearchProtectINT.exe C:\Users\user\AppData\Local\Temp\SendMsg.dll C:\Users\user\AppData\Local\Temp\setup{90B2A168-34E5-40DD-816D-50D9CB3CDAAD}.exe C:\Users\user\AppData\Local\Temp\SmartbarExeInstaller.exe C:\Users\user\AppData\Local\Temp\speedupmypc.exe C:\Users\user\AppData\Local\Temp\SPSetup.exe C:\Users\user\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\user\AppData\Local\Temp\System.Data.SQLite17313.dll C:\Users\user\AppData\Local\Temp\System.Data.SQLite62588.dll C:\Users\user\AppData\Local\Temp\System.Data.SQLite72594.dll C:\Users\user\AppData\Local\Temp\System.Data.SQLite90102.dll C:\Users\user\AppData\Local\Temp\System.Data.SQLite91302.dll 
C:\Users\user\AppData\Local\Temp\vbmz10.exe C:\Users\user\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-14 11:56 ==================== End Of Log ============================ |
16.04.2014, 18:41 | #7 |
/// the machine /// TB Trainer | Sart Quon8 blocks everything\ Windows 8 other log files? ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and assistance Trojaner-Board Facebook page No assistance via PM! |
16.04.2014, 19:19 | #8 |
| Sart Quon8 blocks everything\ Windows 8 Hello! Thank you very much for your help!!! I was apparently on the right track, but the virus had changed some setting so that I could no longer even get onto the internet. So today I had to have someone come out on site to fix it. As far as I can judge, though, he did it much the way you said. I am still very grateful that you helped me so quickly in the first place! Regards, Meike. |
17.04.2014, 13:37 | #9 |
/// the machine /// TB Trainer | Sart Quon8 blocks everything\ Windows 8 ok.