FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014 01
Ran by user (administrator) on NOTEBOOK on 14-04-2014 16:44:54
Running from C:\Users\user\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(GridinSoft LLC.) C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Updater) C:\ProgramData\Updater\updater.exe
(Citrix Systems, Inc) C:\Program Files\Citrix\Secure Access Client\nsload.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(simplitec) C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
(CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Microsoft Corporation) C:\windows\syswow64\wwahost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
() C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe
() C:\Program Files (x86)\BrowseMark\BrowseMark.FirstRun.exe
() C:\Program Files (x86)\OpenIt\Open It!\openit.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [170304 2012-07-27] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe [398656 2012-07-27] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe [440640 2012-07-27] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Updater] => C:\ProgramData\Updater\Updater.exe [486264 2013-12-19] (Updater)
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [465408 2014-04-11] ()
HKLM-x32\...\Runonce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del" [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [NextLive] => C:\windows\SysWOW64\rundll32.exe "C:\Users\user\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-19] (Updater)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\Run: [PC Speed Maximizer] => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions)
HKU\S-1-5-21-807486987-1310922522-2315296771-1002\...\RunOnce: [Del17531671] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del"
AppInit_DLLs: C:\Program Files (x86)\SupTab\SearchProtect64.dll => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-04-02] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\Program Files (x86)\SupTab\SearchProtect32.dll => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-04-02] (Skytech Co., Ltd.)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49334;https=127.0.0.1:49334
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKLM - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKLM-x32 - {7ABB8B5C-935A-4B30-84E2-9C5BBA49D5F0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=86593597-40fd-43cf-89e9-f9d0452ec0bd&searchtype=ds&q={searchTerms}&installDate=10/09/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314932&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP5CA0DD16-BACC-4936-83FE-FCD1E018130C&q={searchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_16_ff&cd=2XzuyEtN2Y1L1Qzu0CyCzzyDtDzz0D0DtCyC0CyCyBzy0EtAtN0D0Tzu0SzztAyDtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0DyD0BtCtD0CtDtGzztB0D0CtGtByE0FtBtGzztByE0CtGyE0Czy0E0F0AyEyD0F0C0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByCyByCtAyC0EyEtGyE0FzytBtGzzzyyD0DtGzz0F0D0DtGtAyBtD0AtB0Azy0BtDyEtD0E2Q&cr=2072263815&ir=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.qone8.com/web/?type=ds&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096&q={searchTerms}
SearchScopes: HKCU - {84C9C423-40AA-4F27-9F91-907798BCF822} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=kw&q={searchTerms}&locale=&apn_ptnrs=^JQ&apn_dtid=^YYYYYY^YY^DE&apn_uid=9AB39053-BA6C-400C-BFC2-6FFA8C7C67C8&apn_sauid=AE5D254E-0A69-49A8-ADBC-44B5975CA8DF
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HQvidPv1.1 - {11111111-1111-1111-1111-110511301198} - C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-bho.dll (HQvidPv1.1)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO-x32: IEiRobinHoodAddon Class - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: BrowseMark - {aeac172e-2e4b-4b92-9af6-b0cdb1acecdb} - C:\Program Files (x86)\BrowseMark\BrowseMarkbho.dll (BrowseMark)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\user.js
FF DefaultSearchEngine: qone8
FF SelectedSearchEngine: Mysearchdial
FF Homepage: hxxp://start.qone8.com/?type=hppp&ts=1397486012&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Citrix.com/npagee64,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee64.dll (Citrix Systems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Citrix.com/npagee,version=10.1.119.7 - C:\Program Files\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\user\AppData\Roaming\mozilla\plugins\npagee64.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: mysearchdial.com - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\ffxtlbr@mysearchdial.com [2014-04-14]
FF Extension: Yahoo! Toolbar - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-04-14]
FF Extension: MySearchDial NewTab - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-04-14]
FF Extension: BrowseMark - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zgn0cf4s.default-1397463064757\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\4qrsudvd.default-1359299008498\extensions\quick_start@gmail.com
FF HKCU\...\Firefox\Extensions: [autolyrics@man-soft.net] - C:\Program Files (x86)\AutoLyrics\FF\
FF Extension: Auto Lyrics - C:\Program Files (x86)\AutoLyrics\FF\ []
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://start.qone8.com/?type=sc&ts=1397462469&from=adks&uid=ST500LM012XHN-M500MBB_S2RSJ9CC870096
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-26]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]
CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx [2013-08-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-04-09]
CHR HKLM-x32\...\Chrome\Extension: [pkcdkfohdadbjmlfejhncigcbfkiaamf] - C:\Program Files (x86)\AutoLyrics\Chrome.crx [2013-04-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [102224 2012-08-17] (Condusiv Technologies)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 nsverctl; C:\Program Files\Citrix\Secure Access Client\nsverctl.exe [157744 2013-07-29] (Citrix Systems, Inc)
R2 Update BrowseMark; C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe [350496 2014-04-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-14] (Cherished Technololgy LIMITED)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R2 cag; C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys [102160 2013-04-01] (Citrix Systems, Inc.)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 ctxva51; C:\Windows\system32\DRIVERS\ctxva51.sys [46640 2013-07-29] (Citrix Systems, Inc.)
R1 DNE; C:\Windows\system32\DRIVERS\dnelwf64.sys [119120 2013-02-20] (Citrix Systems, Inc.)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23376 2012-08-17] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [103248 2012-08-17] (Condusiv Technologies)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140411.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140413.021\ENG64.SYS [126040 2013-09-27] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140413.021\EX64.SYS [2099288 2013-09-27] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-10] (Windows (R) 2003 DDK 3790 provider)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2014-02-11] (Windows (R) Win 7 DDK provider)
S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-14 16:44 - 2014-04-14 16:45 - 00033351 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-14 16:44 - 2014-04-14 16:44 - 00000000 ____D () C:\FRST
2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-04-14 16:41 - 2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer
2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-04-14 16:34 - 2014-04-14 16:35 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites
2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-14 11:42 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-14 11:42 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 11:04 - 2014-04-14 11:04 - 00000968 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-04-14 11:01 - 2014-04-14 11:02 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe
2014-04-14 10:20 - 2013-12-27 18:10 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\windows\system32\roboot64.exe
2014-04-14 10:19 - 2014-04-14 11:30 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-04-14 10:16 - 2014-04-14 10:21 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1
2014-04-14 10:09 - 2014-04-14 16:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job
2014-04-14 10:09 - 2014-04-14 16:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job
2014-04-14 10:09 - 2014-04-14 16:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job
2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3
2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4
2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1
2014-04-14 10:08 - 2014-04-14 10:09 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1
2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient
2014-04-14 10:06 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-14 10:05 - 2014-04-14 10:08 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-14 10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM
2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8
2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe
2014-04-13 11:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-13 11:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-13 11:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-13 11:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-13 11:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-13 11:38 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-13 11:38 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-13 11:38 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-13 11:38 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-13 11:38 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-13 11:38 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-13 11:38 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-13 11:38 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-13 11:38 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-13 11:38 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-13 11:38 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-13 11:38 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-13 11:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-13 11:36 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-13 11:36 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-13 11:35 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-13 11:35 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-13 11:34 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-13 11:34 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-13 11:34 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-13 11:34 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-13 11:34 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-13 11:34 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-13 11:34 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-13 11:34 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-13 11:34 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-13 11:34 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-09 11:31 - 2014-04-09 11:32 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp
2014-04-09 08:47 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 08:47 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-09 08:47 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-09 08:47 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1)
2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht
2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic
2014-04-03 11:50 - 1999-12-17 10:13 - 00086016 _____ (MindVision Software) C:\windows\unvise32.exe
2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG
2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec
2014-03-30 20:09 - 2014-03-30 20:10 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk
2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor
2014-03-30 20:08 - 2014-03-30 20:20 - 00000000 ___RD () C:\Users\user\Documents\MAGIX
2014-03-30 20:07 - 2014-04-03 11:59 - 00000000 ____D () C:\ProgramData\simplitec
2014-03-30 20:07 - 2014-03-30 20:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\simplitec
2014-03-30 20:06 - 2014-03-30 20:20 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-30 19:49 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX
2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe
2014-03-30 16:35 - 2014-03-30 16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe
2014-03-26 09:08 - 2014-03-30 20:14 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe
2014-03-16 14:41 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2014-03-16 14:41 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2014-03-16 14:40 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-16 14:40 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
==================== One Month Modified Files and Folders =======
2014-04-14 16:45 - 2014-04-14 16:44 - 00033351 _____ () C:\Users\user\Downloads\FRST.txt
2014-04-14 16:44 - 2014-04-14 16:44 - 00000000 ____D () C:\FRST
2014-04-14 16:43 - 2014-04-14 16:43 - 02157568 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-04-14 16:41 - 2014-04-14 16:41 - 01146368 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\Documents\PC Speed Maximizer
2014-04-14 16:38 - 2014-04-14 16:38 - 00000000 ____D () C:\Users\user\AppData\Roaming\PC Speed Maximizer
2014-04-14 16:35 - 2014-04-14 16:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-04-14 16:35 - 2014-04-14 16:34 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-04-14 16:33 - 2014-04-14 16:33 - 00002660 _____ () C:\windows\System32\Tasks\Digital Sites
2014-04-14 16:33 - 2014-04-14 16:33 - 00001145 _____ () C:\Users\user\Desktop\PC Speed Maximizer.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00001120 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-04-14 16:33 - 2014-04-14 16:33 - 00000322 _____ () C:\windows\Tasks\Digital Sites.job
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\OpenIt
2014-04-14 16:33 - 2014-04-14 16:33 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-04-14 16:32 - 2014-04-14 16:32 - 00675608 _____ ( ) C:\Users\user\Downloads\ZipExtractorSetup(1).exe
2014-04-14 16:09 - 2014-04-14 10:09 - 00002788 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job
2014-04-14 16:09 - 2014-04-14 10:09 - 00002166 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job
2014-04-14 16:09 - 2014-04-14 10:09 - 00001388 _____ () C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job
2014-04-14 16:02 - 2012-08-22 11:34 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-04-14 16:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-14 15:55 - 2013-01-31 22:25 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 15:51 - 2012-08-22 10:34 - 02010424 _____ () C:\windows\WindowsUpdate.log
2014-04-14 12:13 - 2014-04-14 12:13 - 00000000 ___SH () C:\DkHyperbootSync
2014-04-14 12:11 - 2012-08-22 11:23 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-14 12:04 - 2013-08-31 11:26 - 00000000 ___RD () C:\Users\user\Dropbox
2014-04-14 12:04 - 2013-08-21 10:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-04-14 12:03 - 2014-01-10 23:34 - 00000000 ____D () C:\Users\user\AppData\Roaming\newnext.me
2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 12:03 - 2012-10-24 17:35 - 00000000 ___RD () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 11:42 - 2013-09-10 21:54 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-04-14 11:41 - 2012-08-05 23:07 - 00045788 _____ () C:\windows\PFRO.log
2014-04-14 11:41 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-14 11:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 11:37 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-14 11:30 - 2014-04-14 10:19 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-04-14 11:22 - 2013-02-04 10:52 - 00000000 ____D () C:\Users\user\Documents\Sport
2014-04-14 11:04 - 2014-04-14 11:04 - 00000968 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-04-14 11:04 - 2014-04-14 11:04 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-04-14 11:02 - 2014-04-14 11:01 - 47141056 _____ (GridinSoft LLC) C:\Users\user\Downloads\gtk-2.2.2.5-setup.exe
2014-04-14 10:36 - 2014-01-12 22:35 - 00000000 ____D () C:\Users\user\AppData\Roaming\Audacity
2014-04-14 10:21 - 2014-04-14 10:16 - 00001101 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-04-14 10:18 - 2014-04-14 10:18 - 00001983 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-14 10:16 - 2014-04-14 10:16 - 00000000 ____D () C:\Program Files (x86)\PriceGong
2014-04-14 10:11 - 2014-04-14 10:11 - 00000000 ____D () C:\Users\user\Desktop\Alte Firefox-Daten-1
2014-04-14 10:10 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-14 10:09 - 2014-04-14 10:09 - 00005792 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3
2014-04-14 10:09 - 2014-04-14 10:09 - 00005170 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4
2014-04-14 10:09 - 2014-04-14 10:09 - 00004392 _____ () C:\windows\System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1
2014-04-14 10:09 - 2014-04-14 10:08 - 00000000 ____D () C:\Program Files (x86)\HQvidPv1.1
2014-04-14 10:08 - 2014-04-14 10:05 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-14 10:07 - 2014-04-14 10:07 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeClient
2014-04-14 10:07 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\VisualBeeExe
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\Desktop\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00001240 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\Users\user\AppData\Local\emaze
2014-04-14 10:06 - 2014-04-14 10:06 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-14 10:05 - 2014-04-14 10:05 - 00004384 _____ () C:\windows\System32\Tasks\BrowserSafeguard Update Task
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Users\user\AppData\Roaming\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-14 10:05 - 2014-04-14 10:05 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-04-14 10:04 - 2014-04-14 10:04 - 00000000 ____D () C:\ProgramData\WPM
2014-04-14 10:04 - 2012-08-23 02:48 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-04-14 10:04 - 2012-08-23 02:48 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-04-14 10:04 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-14 10:03 - 2014-04-14 10:03 - 00000000 ____D () C:\Users\user\AppData\Roaming\qone8
2014-04-14 10:02 - 2013-01-17 16:16 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-14 10:02 - 2012-10-24 17:34 - 00001656 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 09:57 - 2014-04-14 09:57 - 00240416 _____ (Fusion Install ) C:\Users\user\Downloads\Groovestream.exe
2014-04-13 17:18 - 2014-01-12 22:34 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-11 11:16 - 2013-09-03 14:54 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 11:10 - 2013-01-07 11:47 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 11:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-09 11:32 - 2014-04-09 11:31 - 00306264 _____ () C:\windows\Minidump\040914-58156-01.dmp
2014-04-09 11:31 - 2013-09-15 21:06 - 00000000 ____D () C:\windows\Minidump
2014-04-09 11:30 - 2013-09-15 21:06 - 893009178 _____ () C:\windows\MEMORY.DMP
2014-04-04 17:25 - 2014-04-04 17:25 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht(1)
2014-04-04 17:23 - 2014-04-04 17:23 - 02372543 _____ () C:\Users\user\Downloads\erziehender-sportunterricht
2014-04-03 11:59 - 2014-03-30 20:07 - 00000000 ____D () C:\ProgramData\simplitec
2014-04-03 11:50 - 2014-04-03 11:50 - 00000000 ____D () C:\Program Files (x86)\emagic
2014-04-03 09:39 - 2014-04-03 09:39 - 00264792 _____ () C:\windows\msxml4-KB2758694-enu.LOG
2014-04-01 09:10 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-03-31 23:18 - 2014-04-14 11:42 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-04-14 11:42 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-30 20:20 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\user\AppData\Roaming\simplitec
2014-03-30 20:20 - 2014-03-30 20:08 - 00000000 ___RD () C:\Users\user\Documents\MAGIX
2014-03-30 20:20 - 2014-03-30 20:06 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-30 20:20 - 2014-03-30 19:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\MAGIX
2014-03-30 20:14 - 2014-03-26 09:08 - 00388232 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-30 20:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-30 20:10 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-03-30 20:09 - 2014-03-30 20:09 - 00001193 _____ () C:\Users\Public\Desktop\MAGIX Music Maker 2014 Premium.lnk
2014-03-30 20:09 - 2014-03-30 20:09 - 00000000 ____D () C:\Users\user\Documents\MAGIX_MusicEditor
2014-03-30 20:08 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-30 20:07 - 2014-03-30 20:07 - 00001125 _____ () C:\Users\Public\Desktop\simplicheck.lnk
2014-03-30 20:07 - 2014-03-30 20:07 - 00000000 ____D () C:\Program Files (x86)\simplitec
2014-03-30 20:06 - 2014-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-03-30 20:06 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Help
2014-03-30 19:48 - 2014-03-30 19:48 - 02877736 _____ (MAGIX AG) C:\Users\user\Downloads\trial_musicmaker2014premium_dlm.exe
2014-03-30 16:35 - 2014-03-30 16:35 - 00921000 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall.exe
2014-03-28 12:48 - 2013-02-11 10:03 - 00000000 ____D () C:\Users\user\Documents\Ref allgemeines
2014-03-18 17:42 - 2014-03-18 17:42 - 00685456 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\user\AppData\Local\Temp\1366617001itinstallerp.exe
C:\Users\user\AppData\Local\Temp\1366617002itinstallerp.exe
C:\Users\user\AppData\Local\Temp\1_Offer_6.exe
C:\Users\user\AppData\Local\Temp\228965-671337-outlook-2013.exe
C:\Users\user\AppData\Local\Temp\BackupSetup.exe
C:\Users\user\AppData\Local\Temp\COMAP.EXE
C:\Users\user\AppData\Local\Temp\ForteDependencies.exe
C:\Users\user\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\user\AppData\Local\Temp\installerp.exe
C:\Users\user\AppData\Local\Temp\instloffer.exe
C:\Users\user\AppData\Local\Temp\nsk6680.exe
C:\Users\user\AppData\Local\Temp\nsnD366.exe
C:\Users\user\AppData\Local\Temp\nsqC328.exe
C:\Users\user\AppData\Local\Temp\nst7100.exe
C:\Users\user\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\user\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\user\AppData\Local\Temp\SendMsg.dll
C:\Users\user\AppData\Local\Temp\setup{90B2A168-34E5-40DD-816D-50D9CB3CDAAD}.exe
C:\Users\user\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\user\AppData\Local\Temp\speedupmypc.exe
C:\Users\user\AppData\Local\Temp\SPSetup.exe
C:\Users\user\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite17313.dll
C:\Users\user\AppData\Local\Temp\System.Data.SQLite72594.dll
C:\Users\user\AppData\Local\Temp\vbmz10.exe
C:\Users\user\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-14 11:56
==================== End Of Log ============================
--- --- ---
--- --- ---
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 01
Ran by user at 2014-04-14 16:46:50
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Auto Lyrics (HKLM-x32\...\autolyrics@man-soft.net) (Version: - Mansoft Union) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowseMark (HKLM\...\BrowseMark) (Version: 2014.04.12.002348 - BrowseMark)
BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version: - BrowserSafeguard with RocketTab) <==== ATTENTION
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG6300 series Benutzerregistrierung (HKLM-x32\...\Canon MG6300 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
capella 7 (HKLM-x32\...\{3D174772-F96E-4302-9BD5-8D84288604ED}) (Version: 7.1.20 - capella software AG)
capella start 7 (HKLM-x32\...\{CAFCB29B-DDCA-4D3A-B32A-E7D3AF7F4B2E}) (Version: 7.1.20 - capella software AG)
Citrix Access Gateway Plug-in (HKLM\...\{D822223D-F82A-4B20-A6A7-56C0A3849FB1}) (Version: 10.1.119.7 - Citrix Systems, Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4415.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4415.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
Fast Flash Sleep Resume (x32 Version: 1.1.0 - Samsung) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FORTE 4 - Free Edition (HKLM-x32\...\FORTE 4 Free) (Version: 4 - Lugert Verlag)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
fotokasten comfort 5.0 (HKLM-x32\...\fotokasten comfort_is1) (Version: - )
Free Audio Converter version 5.0.32.1230 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.17.1125 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.17.1125 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.)
HQvidPv1.1 (HKLM-x32\...\HQvidPv1.1) (Version: 1.34.3.28 - HQvidPv1.1)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iRobinHood Partners V Addon (HKLM-x32\...\iRobinHood Addon) (Version: 1.3.5 - iRobinHood)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Logic Fun 4.8 (HKLM-x32\...\Logic Fun 4.8) (Version: - )
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{BB514EEA-B3EB-4713-8DD2-B76CA5619F11}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 Premium (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{44CD9DB4-74FD-41BD-A138-AC8F279E6959}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40825 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40820 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 16.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 16.0 (x86 de)) (Version: 16.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Open It! (HKLM-x32\...\OpenIt Open It!) (Version: 1.1.1 - OpenIt)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PriceGong 2.6.11 (HKLM-x32\...\PriceGong) (Version: 2.6.11 - PriceGong) <==== ATTENTION
qone8 uninstaller (HKLM-x32\...\qone8 uninstaller) (Version: - qone8)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.5.0 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.2.27 - SSW Software GmbH)
Saal Design Software (x32 Version: 3.2.27 - SSW Software GmbH) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTION
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Softonic toolbar on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION
Support Center (HKLM\...\{332518C0-0D31-4FFA-9D15-24C9C3D70B08}) (Version: 2.0.7 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{3B4E6027-AED5-4169-B030-B450E5A0F396}) (Version: 2.0.14 - Samsung Electronics CO., LTD.)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Trojan Killer (HKLM-x32\...\GridinSoft Trojan Killer) (Version: 2.2.2.5 - GridinSoft LLC)
Update for Zip Extractor (HKCU\...\Digital Sites) (Version: - Update for Zip Extractor) <==== ATTENTION
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
User Guide (HKLM-x32\...\{5D4E117D-FC6A-4FB8-81E3-BEFFAE2F7BE6}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version: - ) <==== ATTENTION
==================== Restore Points =========================
04-03-2014 19:16:54 Windows Update
09-03-2014 20:24:08 Windows Update
16-03-2014 11:42:00 Windows Update
30-03-2014 09:44:52 Windows Update
03-04-2014 07:38:22 Windows Update
11-04-2014 09:07:48 Windows Update
14-04-2014 08:29:27 RegClean Pro Mo, Apr 14, 14 10:29
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0810D624-08A8-4AA7-B03F-18F8A68B9907} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {16B55B81-46E2-46EB-A377-D369A16B96F2} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-19] (Intel)
Task: {179EBFA6-896F-4E76-B047-0D0D33E8C5AD} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-23] (SEC)
Task: {1A5B57D2-4A4F-4C88-B7CD-9E23DDD997EC} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {39DC11E8-4CD5-435F-884A-8FAFA36F85FE} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {3E1B711F-0EAD-45C9-B842-B2777D84A77F} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {61086126-0CE2-4178-9A18-5BA073EBA262} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {6C2797B9-5499-4BE3-8794-DC5D7894C7D3} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-22] (Samsung Electronics CO., LTD.)
Task: {70C9BCE1-059F-40D1-85C6-997EA9DE0CFD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {94C77FE8-A294-416E-A422-80D1A8950144} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {97034F17-0AF7-4F6B-BAE9-CF8693C0C3C7} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-04-14] () <==== ATTENTION
Task: {9E99A1DA-4515-445B-87E1-AE7A12584CD5} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4 => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-4.exe
Task: {A13DEE6B-5C9D-44B7-905E-B6B00F35D924} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AA979738-6FE0-439D-BE98-AE2B9D7B6D0F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {B04E7120-62A4-49AB-B0F6-555D61B39F37} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3 => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-3.exe
Task: {B12D653B-A466-48DF-AE3C-918403201574} - System32\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1 => C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-codedownloader.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CADEA582-53F7-4769-9871-783BDA930BF0} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {CF2ED087-19F4-411A-8C48-F50B4C0E7D00} - System32\Tasks\FFSRConfigurer => C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe [2012-08-10] (Samsung)
Task: {E8E9ED25-423E-4ED7-A8C8-7D56CD754912} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F403B5E3-EF39-44CE-B42B-61F435A9E651} - System32\Tasks\DealPly => C:\Users\user\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: {F6E1B828-B41B-4C3C-B497-6B18F115D98C} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {F9D5844E-1DF0-433B-8914-44A27A098EF4} - System32\Tasks\Digital Sites => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-1.job => C:\Program Files (x86)\HQvidPv1.1\HQvidPv1.1-codedownloader.exe
Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-3.job => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-3.exe
Task: C:\windows\Tasks\90ea0056-47b8-4705-bc6a-783c6f594e02-4.job => C:\Program Files (x86)\HQvidPv1.1\90ea0056-47b8-4705-bc6a-783c6f594e02-4.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Digital Sites.job => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Loaded Modules (whitelisted) =============
2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2013-01-17 18:13 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-07-30 08:41 - 2012-07-25 05:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-04-03 17:00 - 2014-04-11 23:04 - 00465408 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
2012-07-24 05:06 - 2012-07-24 05:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2014-04-12 02:33 - 2014-04-12 02:33 - 00350496 _____ () C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe
2014-04-14 16:35 - 2014-04-12 02:33 - 01122592 _____ () C:\Program Files (x86)\BrowseMark\BrowseMark.FirstRun.exe
2013-04-09 00:19 - 2013-04-09 00:19 - 01143296 _____ () C:\Program Files (x86)\OpenIt\Open It!\openit.exe
2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-22 11:11 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-06-08 09:46 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2012-08-22 11:32 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libcef.dll
2011-08-15 13:12 - 2011-08-15 13:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 04:57 - 2012-06-14 04:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 13:12 - 2011-08-15 13:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 13:15 - 2011-08-15 13:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 09:41 - 2011-08-17 09:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 09:48 - 2011-08-17 09:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 09:48 - 2011-08-17 09:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 12:23 - 2011-08-15 12:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 04:56 - 2012-06-14 04:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 05:06 - 2012-06-14 05:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 04:55 - 2012-06-14 04:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 17:50 - 2012-08-10 17:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2011-07-19 09:05 - 2011-07-19 09:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 13:17 - 2011-08-15 13:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 09:04 - 2011-07-19 09:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2013-03-27 23:50 - 2013-03-27 23:50 - 00020480 _____ () C:\Program Files (x86)\OpenIt\Open It!\libgcc_s_dw2-1.dll
2011-12-02 02:30 - 2011-12-02 02:30 - 00979982 _____ () C:\Program Files (x86)\OpenIt\Open It!\libstdc++-6.dll
2013-03-27 23:50 - 2013-03-27 23:50 - 00009826 _____ () C:\Program Files (x86)\OpenIt\Open It!\mingwm10.dll
2014-01-10 23:45 - 2012-10-06 04:14 - 02294240 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2500
Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2500
Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/14/2014 00:10:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x50376629
Name des fehlerhaften Moduls: EasySettingsBase.dll, Version: 0.0.0.0, Zeitstempel: 0x5039da3f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001610
ID des fehlerhaften Prozesses: 0xfd4
Startzeit der fehlerhaften Anwendung: 0xEasySettingsCmdServer.exe0
Pfad der fehlerhaften Anwendung: EasySettingsCmdServer.exe1
Pfad des fehlerhaften Moduls: EasySettingsCmdServer.exe2
Berichtskennung: EasySettingsCmdServer.exe3
Vollständiger Name des fehlerhaften Pakets: EasySettingsCmdServer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EasySettingsCmdServer.exe5
Error: (04/14/2014 00:08:35 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000183835
ID des fehlerhaften Prozesses: 0x1604
Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0
Pfad der fehlerhaften Anwendung: CommonAgent.exe1
Pfad des fehlerhaften Moduls: CommonAgent.exe2
Berichtskennung: CommonAgent.exe3
Vollständiger Name des fehlerhaften Pakets: CommonAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5
Error: (04/14/2014 00:08:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000183835
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0
Pfad der fehlerhaften Anwendung: CommonAgent.exe1
Pfad des fehlerhaften Moduls: CommonAgent.exe2
Berichtskennung: CommonAgent.exe3
Vollständiger Name des fehlerhaften Pakets: CommonAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5
Error: (04/14/2014 10:02:51 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 16.0.0.4661 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 6a40
Startzeit: 01cf57b7cabd609d
Endzeit: 39
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 1c5915c7-c3ab-11e3-becd-c48508dd16c9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 49541359
Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 49541359
Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (04/14/2014 10:05:12 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Search Protect by Conduit Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/10/2014 05:43:24 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (04/10/2014 04:34:05 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (04/10/2014 04:33:57 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (04/10/2014 04:33:47 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (04/09/2014 11:34:32 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/09/2014 11:32:40 AM) (Source: BugCheck) (User: )
Description: 0x0000007a (0xfffff6fc50003198, 0xffffffffc000000e, 0x00000000a303d880, 0xfffff8a000633ca4)C:\windows\MEMORY.DMP040914-58156-01
Error: (04/09/2014 11:31:43 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 09.04.2014 um 11:20:40 unerwartet heruntergefahren.
Error: (04/09/2014 08:42:25 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.
Error: (04/09/2014 08:41:55 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht.
Microsoft Office Sessions:
=========================
Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2500
Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2500
Error: (04/14/2014 01:38:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/14/2014 00:10:20 PM) (Source: Application Error)(User: )
Description: EasySettingsCmdServer.exe0.0.0.050376629EasySettingsBase.dll0.0.0.05039da3fc000000500001610fd401cf57c8be3282d7C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exeC:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dllfbcf5c6b-c3bc-11e3-bece-c48508dd16c9
Error: (04/14/2014 00:08:35 PM) (Source: Application Error)(User: )
Description: CommonAgent.exe1.0.7.5502ddd20CommonAgent.exe1.0.7.5502ddd20400000150000000000183835160401cf57c97f33d7aeC:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exebd3e32fc-c3bc-11e3-bece-c48508dd16c9
Error: (04/14/2014 00:08:27 PM) (Source: Application Error)(User: )
Description: CommonAgent.exe1.0.7.5502ddd20CommonAgent.exe1.0.7.5502ddd20400000150000000000183835e2c01cf57c8e341a846C:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exeb8187721-c3bc-11e3-bece-c48508dd16c9
Error: (04/14/2014 10:02:51 AM) (Source: Application Hang)(User: )
Description: firefox.exe16.0.0.46616a4001cf57b7cabd609d39C:\Program Files (x86)\Mozilla Firefox\firefox.exe1c5915c7-c3ab-11e3-becd-c48508dd16c9
Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 49541359
Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 49541359
Error: (04/14/2014 08:58:23 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 7893.53 MB
Available physical RAM: 4773.18 MB
Total Pagefile: 15829.53 MB
Available Pagefile: 12823.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:440.18 GB) (Free:340.35 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 029B5B55)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 22 GB) (Disk ID: 2D572FD1)
Partition: GPT Partition Type.
==================== End Of Log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
