Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Sart Quon8 blockiert alles\ Windows 8

Sart Quon8 blockiert alles\ Windows 8


Plagegeister aller Art und deren Bekämpfung: Sart Quon8 blockiert alles\ Windows 8

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.04.2014, 14:49   #1
meikedw
 
Sart Quon8 blockiert alles\ Windows 8 - Standard

Sart Quon8 blockiert alles\ Windows 8



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by user (administrator) on NOTEBOOK on 15-04-2014 15:45:16
Running from C:\Users\user\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Updater) C:\ProgramData\Updater\updater.exe
(Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsload.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
(CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Microsoft Corporation) C:\windows\syswow64\wwahost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
(Microsoft Corporation) C:\windows\syswow64\wwahost.exe
(Microsoft Corporation) C:\windows\syswow64\wwahost.exe
() C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe
() C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\windows\syswow64\wwahost.exe
(Microsoft Corporation) C:\windows\syswow64\wwahost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Farbar) C:\Users\user\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [170304 2012-07-27] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [398656 2012-07-27] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe [440640 2012-07-27] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Updater] => C:\ProgramData\Updater\Updater.exe [486264 2013-12-19] (Updater)
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [465408 2014-04-11] ()
HKLM-x32\...\Runonce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del" [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [NextLive] => C:\windows\SysWOW64\rundll32.exe "C:\Users\user\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-19] (Updater)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [PC Speed Maximizer] => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\RunOnce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del"
AppInit_DLLs: C:\Program Files (x86)\SupTab\SearchProtect64.dll => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-04-02] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\Program Files (x86)\SupTab\SearchProtect32.dll => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-04-02] (Skytech Co., Ltd.)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49334;https=127.0.0.1:49334
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qone8
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qone8
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qone8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe Qone8
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKLM - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKLM-x32 - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP5CA0DD16-BACC-4936-83FE-FCD1E018130C&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKCU - {84C9C423-40AA-4F27-9F91-907798BCF822} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=kw&q={searchTerms}&locale=&apn_ptnrs=^JQ&apn_dtid=^YYYYYY^YY^DE&apn_uid=9AB39053-BA6C-400C-BFC2-6FFA8C7C67C8&apn_sauid=AE5D254E-0A69-49A8-ADBC-44B5975CA8DF
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HQvidPv1.1 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-bho.dll (HQvidPv1.1)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO-x32: IEiRobinHoodAddon Class - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: BrowseMark - {aeac172e-2e4b-4b92-9af6-b0cdb1acecdb} - C:\Program Files (x86)\BrowseMark\BrowseMarkbho.dll (BrowseMark)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\user.js
FF DefaultSearchEngine: qone8
FF SelectedSearchEngine: Google
FF Homepage: hxxp://start.qone8.com/?type=hppp&ts=1397486012&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Citrix.com/npagee64,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee64.dll (Citrix Systems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Citrix.com/npagee,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee64.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: mysearchdial.com - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\ffxtlbr@mysearchdial.com [2014-04-14]
FF Extension: Yahoo! Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-04-14]
FF Extension: MySearchDial - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-04-15]
FF Extension: BrowseMark - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\4qrsudvd.default-1359299008498\extensions\quick_start@gmail.com
FF HKCU\...\Firefox\Extensions: [autolyrics@man-soft.net] - C:\Program Files (x86)\AutoLyrics\FF\
FF Extension: Auto Lyrics - C:\Program Files (x86)\AutoLyrics\FF\ []
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qone8

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-26]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx [2013-08-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-04-09]
CHR HKLM-x32\...\Chrome\Extension: [pkcdkfohdadbjmlfejhncigcbfkiaamf] - C:\Program Files (x86)\AutoLyrics\Chrome.crx [2013-04-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 nsverctl; C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [157744 2013-07-29] (Citrix Systems, Inc)
R2 Update BrowseMark; C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe [350496 2014-04-15] ()
R2 Util BrowseMark; C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe [350496 2014-04-15] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-14] (Cherished Technololgy LIMITED)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R2 cag; C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys [102160 2013-04-01] (Citrix Systems, Inc.)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ctxva51; C:\Windows\system32\DRIVERS\ctxva51.sys [46640 2013-07-29] (Citrix Systems, Inc.)
R1 DNE; C:\Windows\system32\DRIVERS\dnelwf64.sys [119120 2013-02-20] (Citrix Systems, Inc.)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140414.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140414.032\ENG64.SYS [126040 2014-04-14] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140414.032\EX64.SYS [2099288 2014-04-14] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-10] (Windows (R) 2003 DDK 3790 provider)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-14] (StdLib)
S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-15 15:45 - 2014-04-15 15:45 - 00033791 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-15 15:44 - 2014-04-15 15:44 - 02054144 _____ (Farbar) C:\Users\user\Downloads\FRST64(1).exe
2014-04-15 15:41 - 2014-04-15 15:41 - 00000116 _____ () C:\Users\user\Desktop\Fixlist.txt
2014-04-14 19:34 - 2014-04-14 19:34 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys
2014-04-14 19:33 - 2014-04-15 12:03 - 00000061 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2014-04-14 16:46 - 2014-04-14 16:48 - 00037579 _____ () C:\Users\user\Downloads\Addition.txt
2014-04-14 16:44 - 2014-04-14 16:48 - 00000000 ____D () C:\FRST
2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-04-14 16:41 - 2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer
2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-04-14 16:34 - 2014-04-14 17:48 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-14 16:33 - 2014-04-15 14:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job
2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites
2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-14 11:42 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:42 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-04-14 11:01 - 2014-04-14 11:02 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe
2014-04-14 10:20 - 2013-12-27 18:10 - 00020312 _____ (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) C:\windows\system32\roboot64.exe
2014-04-14 10:19 - 2014-04-14 11:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-04-14 10:16 - 2014-04-14 10:21 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1
2014-04-14 10:09 - 2014-04-15 10:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job
2014-04-14 10:09 - 2014-04-15 10:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job
2014-04-14 10:09 - 2014-04-15 10:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job
2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3
2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4
2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1
2014-04-14 10:08 - 2014-04-14 10:09 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1
2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient
2014-04-14 10:06 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-14 10:05 - 2014-04-14 10:08 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-14 10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM
2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8
2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe
2014-04-13 11:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-13 11:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-13 11:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-13 11:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-13 11:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-13 11:38 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-13 11:38 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-13 11:38 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-13 11:38 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-13 11:38 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 11:38 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-13 11:38 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-13 11:38 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-13 11:38 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-13 11:38 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-13 11:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-13 11:36 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-13 11:35 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-13 11:34 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-13 11:34 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-13 11:34 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-13 11:34 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-13 11:34 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-13 11:34 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-13 11:34 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-13 11:34 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-09 11:31 - 2014-04-09 11:32 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp
2014-04-09 08:47 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 08:47 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 08:47 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 08:47 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1)
2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht
2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic
2014-04-03 11:50 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\windows\unvise32.exe
2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG
2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec
2014-03-30 20:09 - 2014-03-30 20:10 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk
2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor
2014-03-30 20:08 - 2014-03-30 20:20 - 00000000 ___RD () C:\Users\user\Documents\MAGIX
2014-03-30 20:07 - 2014-04-03 11:59 - 00000000 ____D () C:\ProgramData\simplitec
2014-03-30 20:07 - 2014-03-30 20:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\simplitec
2014-03-30 20:06 - 2014-03-30 20:20 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-30 19:49 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX
2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe
2014-03-30 16:35 - 2014-03-30 16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe
2014-03-26 09:08 - 2014-03-30 20:14 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe
2014-03-16 14:41 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-03-16 14:41 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-03-16 14:40 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-16 14:40 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll

==================== One Month Modified Files and Folders =======

2014-04-15 15:45 - 2014-04-15 15:45 - 00033791 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-15 15:45 - 2014-04-14 16:44 - 00000000 ____D () C:\FRST
2014-04-15 15:44 - 2014-04-15 15:44 - 02054144 _____ (Farbar) C:\Users\user\Downloads\FRST64(1).exe
2014-04-15 15:41 - 2014-04-15 15:41 - 00000116 _____ () C:\Users\user\Desktop\Fixlist.txt
2014-04-15 15:02 - 2012-08-22 11:34 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-04-15 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-15 14:55 - 2013-01-31 22:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 14:33 - 2014-04-14 16:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job
2014-04-15 12:03 - 2014-04-14 19:33 - 00000061 _____ () C:\Users\user\AppData\Roaming\WB.CFG
2014-04-15 11:26 - 2012-08-22 10:34 - 02066640 _____ () C:\windows\WindowsUpdate.log
2014-04-15 10:39 - 2013-02-04 10:52 - 00000000 ____D () C:\Users\user\Documents\Sport
2014-04-15 10:09 - 2014-04-14 10:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job
2014-04-15 10:09 - 2014-04-14 10:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job
2014-04-15 10:09 - 2014-04-14 10:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job
2014-04-14 19:34 - 2014-04-14 19:34 - 00061120 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys
2014-04-14 17:48 - 2014-04-14 16:34 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-14 16:48 - 2014-04-14 16:46 - 00037579 _____ () C:\Users\user\Downloads\Addition.txt
2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-04-14 16:41 - 2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer
2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites
2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-14 12:11 - 2012-08-22 11:23 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-14 12:04 - 2013-08-31 11:26 - 00000000 ___RD () C:\Users\user\Dropbox
2014-04-14 12:04 - 2013-08-21 10:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-04-14 12:03 - 2014-01-10 23:34 - 00000000 ____D () C:\Users\user\AppData\Roaming\newnext.me
2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 11:42 - 2013-09-10 21:54 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-04-14 11:41 - 2012-08-05 23:07 - 00045788 _____ () C:\windows\PFRO.log
2014-04-14 11:41 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-14 11:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-14 11:30 - 2014-04-14 10:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-04-14 11:02 - 2014-04-14 11:01 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe
2014-04-14 10:36 - 2014-01-12 22:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\Audacity
2014-04-14 10:21 - 2014-04-14 10:16 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1
2014-04-14 10:10 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3
2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4
2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1
2014-04-14 10:09 - 2014-04-14 10:08 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1
2014-04-14 10:08 - 2014-04-14 10:05 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient
2014-04-14 10:07 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-14 10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM
2014-04-14 10:04 - 2012-08-23 02:48 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-04-14 10:04 - 2012-08-23 02:48 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-04-14 10:04 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8
2014-04-14 10:02 - 2013-01-17 16:16 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-14 10:02 - 2012-10-24 17:34 - 00001656 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe
2014-04-13 17:18 - 2014-01-12 22:34 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-11 11:16 - 2013-09-03 14:54 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 11:10 - 2013-01-07 11:47 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 11:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-09 11:32 - 2014-04-09 11:31 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp
2014-04-09 11:31 - 2013-09-15 21:06 - 00000000 ____D () C:\windows\Minidump
2014-04-09 11:30 - 2013-09-15 21:06 - 893009178 _____ () C:\windows\MEMORY.DMP
2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1)
2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht
2014-04-03 11:59 - 2014-03-30 20:07 - 00000000 ____D () C:\ProgramData\simplitec
2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic
2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG
2014-04-01 09:10 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-31 23:18 - 2014-04-14 11:42 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-04-14 11:42 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec
2014-03-30 20:20 - 2014-03-30 20:08 - 00000000 ___RD () C:\Users\user\Documents\MAGIX
2014-03-30 20:20 - 2014-03-30 20:06 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-30 20:20 - 2014-03-30 19:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX
2014-03-30 20:14 - 2014-03-26 09:08 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-30 20:10 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk
2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor
2014-03-30 20:08 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\simplitec
2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-30 20:06 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Help
2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe
2014-03-30 16:35 - 2014-03-30 16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe
2014-03-28 12:48 - 2013-02-11 10:03 - 00000000 ____D () C:\Users\user\Documents\Ref allgemeines
2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\user\AppData\Local\Temp\1366617001itinstallerp.exe
C:\Users\user\AppData\Local\Temp\1366617002itinstallerp.exe
C:\Users\user\AppData\Local\Temp\1_Offer_6.exe
C:\Users\user\AppData\Local\Temp\228965-671337-outlook-2013.exe
C:\Users\user\AppData\Local\Temp\BackupSetup.exe
C:\Users\user\AppData\Local\Temp\COMAP.EXE
C:\Users\user\AppData\Local\Temp\ForteDependencies.exe
C:\Users\user\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\user\AppData\Local\Temp\installerp.exe
C:\Users\user\AppData\Local\Temp\instloffer.exe
C:\Users\user\AppData\Local\Temp\nsk6680.exe
C:\Users\user\AppData\Local\Temp\nsnD366.exe
C:\Users\user\AppData\Local\Temp\nsqC328.exe
C:\Users\user\AppData\Local\Temp\nst7100.exe
C:\Users\user\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\user\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\user\AppData\Local\Temp\SendMsg.dll
C:\Users\user\AppData\Local\Temp\setup{90B2A168-34E5-40DD-816D-50D9CB3CDAAD}.exe
C:\Users\user\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\user\AppData\Local\Temp\speedupmypc.exe
C:\Users\user\AppData\Local\Temp\SPSetup.exe
C:\Users\user\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite17313.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite62588.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite72594.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite90102.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite91302.dll
C:\Users\user\AppData\Local\Temp\vbmz10.exe
C:\Users\user\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-14 11:56

==================== End Of Log ============================
--- --- ---
Antwort

Themen zu Sart Quon8 blockiert alles\ Windows 8
blockiert, compu, computer, computern, dankbar, drucker, herunterladen, hilfe, lernen, quona 8, treiber, windows, windows 8, youtube


« VIRUS Werbung bei lila unterstrichenen Wörtern | ADWARE/Downware.H (Avira Fund) »


Ähnliche Themen: Sart Quon8 blockiert alles\ Windows 8


  1. Popup Konsolenregistrierungsprogramm verlangt Admin Rechte und blockiert alles
    Plagegeister aller Art und deren Bekämpfung - 24.11.2014 (19)
  2. Avira Update blockiert alles
    Antiviren-, Firewall- und andere Schutzprogramme - 30.08.2014 (17)
  3. Popup Konsolenregistrierungsprogramm verlangt Admin Rechte und blockiert alles
    Log-Analyse und Auswertung - 30.05.2014 (5)
  4. Alles blockiert
    Plagegeister aller Art und deren Bekämpfung - 15.05.2014 (3)
  5. Snap.do blockiert alles! Programm deinstallieren nicht möglich etc.etc.
    Plagegeister aller Art und deren Bekämpfung - 20.07.2013 (11)
  6. GVU-Trojaner blockiert alles! (unter Windows Vista)
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (5)
  7. Viren,Trojaner,Spyware,System Progressive Protectin blockiert alles....Abzocke?
    Log-Analyse und Auswertung - 17.11.2012 (47)
  8. GVU Trojaner blockiert alles - Windows 7 64 bit
    Plagegeister aller Art und deren Bekämpfung - 05.09.2012 (9)
  9. Virus blockiert Task-Manager und alles
    Log-Analyse und Auswertung - 06.04.2012 (11)
  10. Win 7 Antivirus 2012 auf PC, fast alles blockiert, wie bekomme ich das los
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (32)
  11. BKA Trojaner blockiert alles
    Plagegeister aller Art und deren Bekämpfung - 09.08.2011 (1)
  12. Bundestrojaner blockiert alles an meinen Rechner und verlangt 100 Euro
    Plagegeister aller Art und deren Bekämpfung - 07.08.2011 (26)
  13. Virus blockiert alles
    Log-Analyse und Auswertung - 05.12.2010 (6)
  14. Alles blockiert, Antivir, Anti-Malware, etc.
    Plagegeister aller Art und deren Bekämpfung - 26.12.2009 (1)
  15. Irgendwas blockiert fast alles ...
    Plagegeister aller Art und deren Bekämpfung - 15.12.2005 (4)
  16. W32.Tibick blockiert alles
    Plagegeister aller Art und deren Bekämpfung - 27.10.2004 (14)
  17. Help - BDS/Afcore blockiert alles
    Plagegeister aller Art und deren Bekämpfung - 29.09.2004 (16)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Sart Quon8 blockiert alles\ Windows 8 - FRST Logfile: Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014 Ran by user (administrator) on NOTEBOOK on 15-04-2014 15:45:16 Running from C:\Users\user\Downloads - Sart Quon8 blockiert alles\ Windows 8...
Archiv
Du betrachtest: Sart Quon8 blockiert alles\ Windows 8 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131