Hallo Schrauber,
Danke für die schnelle Meldung hier die Logfiles:
Grüße
Sams Code:
# AdwCleaner v3.019 - Bericht erstellt am 19/02/2014 um 15:27:41
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Oksana - LAPTOP
# Gestartet von : C:\Users\Oksana\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\SoftwareUpdater
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\Mail.Ru
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\VideoPerformer
Ordner Gelöscht : C:\Users\Oksana\AppData\Local\iac
Ordner Gelöscht : C:\Users\Oksana\AppData\Local\Mail.Ru
Ordner Gelöscht : C:\Users\Oksana\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Oksana\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Oksana\AppData\Roaming\Mail.Ru
Ordner Gelöscht : C:\Users\Oksana\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\Oksana\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gelöscht : C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
Ordner Gelöscht : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe
Datei Gelöscht : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\.autoreg
Datei Gelöscht : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\WINDOWS\System32\Tasks\Dealply
Datei Gelöscht : C:\WINDOWS\System32\Tasks\Funmoods
Datei Gelöscht : C:\WINDOWS\System32\Tasks\NCH Software
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\d
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B3595550-5007-4AEB-BB04-D00E62E836A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F0786343-938E-456B-8798-DE7EEC08F820}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\NCH Software
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\NCH Software
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
-\\ Mozilla Firefox v27.0.1 (de)
[ Datei : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\prefs.js ]
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=66920&st=newtab&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("extensions.Kl3q7c.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/ressbar[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=B2A4CBE5-EA26-441C-BBB5-07DB1164AF61&n=77fd5468&p2=^XM^xdm130^YYA^de&si=CKjGjLL7vrkCFY1d3godfFoAJ[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.initialized", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.contextKey", "");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.installDate", "2013090920");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.partnerId", "^XM^xdm130^YYA^de");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.partnerSubId", "CKjGjLL7vrkCFY1d3godfFoAJw");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.success", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.toolbarId", "B2A4CBE5-EA26-441C-BBB5-07DB1164AF61");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.lastActivePing", "1378752035763");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.options.defaultSearch", false);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.options.homePageEnabled", false);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.options.keywordEnabled", false);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.options.tabEnabled", false);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._2vMembers_.weather.location", "10001");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "dailybibleguide@mindspark.com");
Zeile gelöscht : user_pref("extensions.unitedinternet.search.termsJSON", "[{\"searchterm\":\"die dinos\",\"visited\":\"2013-05-31T15:26:00.244Z\"},{\"searchterm\":\"guter gott dankeschön hermann bergmann HArtmut wort[...]
Zeile gelöscht : user_pref("extensions.wajam.trace_log", "1371558017181 - readUniqueId - 64 bits - Error Message: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIWindowsRegKey.readStringValue]\n1371[...]
Zeile gelöscht : user_pref("wtb6787.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gelöscht : user_pref("wtb6787.newtab", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
[ Datei : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gelöscht : user_pref("wtb6787.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=66920&st=newtab&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gelöscht : user_pref("wtb6787.newtab", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7&q=");
-\\ Google Chrome v
[ Datei : C:\Users\Oksana\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [20912 octets] - [19/02/2014 15:20:56]
AdwCleaner[S0].txt - [19208 octets] - [19/02/2014 15:27:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19269 octets] ########## Nr.2: Code:
# AdwCleaner v3.019 - Bericht erstellt am 19/02/2014 um 15:20:15
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Oksana - LAPTOP
# Gestartet von : C:\Users\Oksana\Desktop\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\.autoreg
Datei Gefunden : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\11-suche.xml
Datei Gefunden : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\bingp.xml
Datei Gefunden : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\Web Search.xml
Datei Gefunden : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\searchplugins\Web Search.xml
Datei Gefunden : C:\WINDOWS\System32\roboot64.exe
Datei Gefunden : C:\WINDOWS\System32\Tasks\Dealply
Datei Gefunden : C:\WINDOWS\System32\Tasks\Funmoods
Datei Gefunden : C:\WINDOWS\System32\Tasks\NCH Software
Ordner Gefunden : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
Ordner Gefunden C:\Program Files (x86)\Mail.Ru
Ordner Gefunden C:\Program Files (x86)\NCH Software
Ordner Gefunden C:\Program Files (x86)\VideoPerformer
Ordner Gefunden C:\ProgramData\NCH Software
Ordner Gefunden C:\SoftwareUpdater
Ordner Gefunden C:\Users\Oksana\AppData\Local\iac
Ordner Gefunden C:\Users\Oksana\AppData\Local\Mail.Ru
Ordner Gefunden C:\Users\Oksana\AppData\LocalLow\boost_interprocess
Ordner Gefunden C:\Users\Oksana\AppData\LocalLow\SimplyTech
Ordner Gefunden C:\Users\Oksana\AppData\Roaming\Mail.Ru
Ordner Gefunden C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gefunden C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer
Ordner Gefunden C:\Users\Oksana\AppData\Roaming\NCH Software
Ordner Gefunden C:\Users\Oksana\AppData\Roaming\pdfforge
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\dsiteproducts
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Schlüssel Gefunden : HKCU\Software\NCH Software
Schlüssel Gefunden : HKCU\Software\performersoft llc
Schlüssel Gefunden : HKCU\Software\simplytech
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\dsiteproducts
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Schlüssel Gefunden : [x64] HKCU\Software\NCH Software
Schlüssel Gefunden : [x64] HKCU\Software\performersoft llc
Schlüssel Gefunden : [x64] HKCU\Software\simplytech
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\d
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\Software\NCH Software
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B3595550-5007-4AEB-BB04-D00E62E836A8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F0786343-938E-456B-8798-DE7EEC08F820}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page] - hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL] - hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar] - hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7&q=
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page] - hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7&q=
-\\ Mozilla Firefox v27.0.1 (de)
[ Datei : C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\prefs.js ]
Zeile gefunden : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=66920&st=newtab&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gefunden : user_pref("browser.search.defaultengine", "Web Search");
Zeile gefunden : user_pref("browser.search.order.1", "Web Search");
Zeile gefunden : user_pref("extensions.Kl3q7c.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/ressbar[...]
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=B2A4CBE5-EA26-441C-BBB5-07DB1164AF61&n=77fd5468&p2=^XM^xdm130^YYA^de&si=CKjGjLL7vrkCFY1d3godfFoAJ[...]
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.initialized", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.contextKey", "");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.installDate", "2013090920");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.partnerId", "^XM^xdm130^YYA^de");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.partnerSubId", "CKjGjLL7vrkCFY1d3godfFoAJw");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.success", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.installation.toolbarId", "B2A4CBE5-EA26-441C-BBB5-07DB1164AF61");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.lastActivePing", "1378752035763");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.options.defaultSearch", false);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.options.homePageEnabled", false);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.options.keywordEnabled", false);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.options.tabEnabled", false);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._2vMembers_.weather.location", "10001");
Zeile gefunden : user_pref("extensions.toolbar.mindspark.lastInstalled", "dailybibleguide@mindspark.com");
Zeile gefunden : user_pref("extensions.unitedinternet.search.termsJSON", "[{\"searchterm\":\"die dinos\",\"visited\":\"2013-05-31T15:26:00.244Z\"},{\"searchterm\":\"guter gott dankeschön hermann bergmann HArtmut wort[...]
Zeile gefunden : user_pref("extensions.wajam.trace_log", "1371558017181 - readUniqueId - 64 bits - Error Message: Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIWindowsRegKey.readStringValue]\n1371[...]
Zeile gefunden : user_pref("wtb6787.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gefunden : user_pref("wtb6787.newtab", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
[ Datei : C:\Users\Oksana_2\AppData\Roaming\Mozilla\Firefox\Profiles\rub1om2b.default\prefs.js ]
Zeile gefunden : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gefunden : user_pref("browser.search.defaultengine", "Web Search");
Zeile gefunden : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gefunden : user_pref("browser.search.order.1", "Web Search");
Zeile gefunden : user_pref("browser.startup.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gefunden : user_pref("wtb6787.homepage", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gefunden : user_pref("browser.newtab.url", "hxxp://search.certified-toolbar.com?si=66920&st=newtab&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gefunden : user_pref("wtb6787.newtab", "hxxp://search.certified-toolbar.com?si=66920&st=home&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7");
Zeile gefunden : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=66920&st=chrome&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7&q=");
-\\ Google Chrome v
[ Datei : C:\Users\Oksana\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [20538 octets] - [19/02/2014 15:20:15]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20599 octets] ########## Nr.3: Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.02.19.05
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16518
Oksana :: LAPTOP [Administrator]
19.02.2014 13:54:40
mbam-log-2014-02-19 (13-54-40).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 498379
Laufzeit: 1 Stunde(n), 18 Minute(n), 33 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende) Nr.4: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8.1 x64
Ran by Oksana on 19.02.2014 at 15:46:01,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-174320049-3726716400-672341874-1002\Software\sweetim
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\covus freemium gmbh
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Oksana\AppData\Roaming\mozilla\firefox\profiles\bohjm6te.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.02.2014 at 15:52:20,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Nr.5:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Oksana (administrator) on LAPTOP on 19-02-2014 15:58:11
Running from F:\
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE
(Microsoft Corporation) C:\WINDOWS\System32\alg.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(1&1 Mail & Media GmbH) C:\Users\Oksana\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSLAUNCH.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11582848 2012-09-30] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-09-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [bdinstaller] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [F-Secure Hoster (44553)] - C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] - C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE [311432 2013-01-03] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-174320049-3726716400-672341874-1001\...\Run: [AppLauncher] - C:\Program Files (x86)\Medion MediaPack 3\Ashampoo AppLauncher (Medion)\AppLauncher.exe [969656 2012-08-10] (Ashampoo)
HKU\S-1-5-21-174320049-3726716400-672341874-1001\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-174320049-3726716400-672341874-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKU\S-1-5-21-174320049-3726716400-672341874-1002\...\Run: [WEB.DE Application {sync-000021}] - C:\Users\Oksana\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [875008 2013-09-13] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-174320049-3726716400-672341874-1002\...\Run: [1und1DispatcherCorp] - C:\Users\Oksana\AppData\Local\1und1UpdaterCorpE\SchedDispatcher.exe [220808 2013-05-29] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-174320049-3726716400-672341874-1002\...\Run: [Power2GoExpress8] - NA
AppInit_DLLs: C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Startup: C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1377365392364.000009&tguid=66920-6787-1377365392364-5991C650B0E456AB313E74317E92F2B7&q={searchTerms}
SearchScopes: HKLM-x32 - {34e26447-bf30-4c78-a5b9-61dfa8a55e67} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^XM^xdm130^YYA^de&si=CKjGjLL7vrkCFY1d3godfFoAJw&ptb=B2A4CBE5-EA26-441C-BBB5-07DB1164AF61&psa=&ind=2013101802&st=sb&n=77fd7eea&searchfor={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default
FF SearchEngineOrder.3: Bing
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\mailru.xml
FF SearchPlugin: C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\artur.dubovoy@gmail.com [2014-01-23]
FF Extension: Спутник @Mail.Ru - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-12-19]
FF Extension: DownloadHelper - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-08-17]
FF Extension: CHoose4ssaavE - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\aueouycvk@fbsrho.net.xpi [2013-12-26]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-06-12]
FF Extension: YouTube to MP3 - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\info@sharkcube.com.xpi [2014-01-24]
FF Extension: WEB.DE MailCheck - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\toolbar@web.de.xpi [2014-01-16]
FF Extension: No Name - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\uploader@adblockfilters.mozdev.org.xpi [2013-06-12]
FF Extension: ImTranslator - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2014-02-18]
FF Extension: Adblock Plus - C:\Users\Oksana\AppData\Roaming\Mozilla\Firefox\Profiles\bohjm6te.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-25]
FF HKCU\...\Firefox\Extensions: [YTKaraoke@DacSoft.org] - C:\Program Files (x86)\YTKaraoke\FF\
FF Extension: Tube Karaoke - C:\Program Files (x86)\YTKaraoke\FF\ []
Chrome:
=======
CHR HomePage:
CHR Extension: (Tube Karaoke) - C:\Users\Oksana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe [2013-05-29]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Oksana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-05-28]
CHR HKLM-x32\...\Chrome\Extension: [lgnhgbflngpggpmpfdkhmhmfdophhepe] - C:\Program Files (x86)\YTKaraoke\Chrome.crx [2013-06-02]
==================== Services (Whitelisted) =================
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 fshoster; C:\Program Files (x86)\Kabel Deutschland\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE [209032 2013-01-03] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-25] (F-Secure Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-10-19] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-08-24] (soft Xpansion)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2013-12-13] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69296 2013-10-17] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-06-17] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-06-17] ()
R3 fsni; C:\Program Files (x86)\Kabel Deutschland\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [14472 2013-01-03] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-11-14] (ITE )
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-19 15:52 - 2014-02-19 15:52 - 00001624 _____ () C:\Users\Oksana\Desktop\JRT.txt
2014-02-19 15:45 - 2014-02-19 15:42 - 01037530 _____ (Thisisu) C:\Users\Oksana\Desktop\JRT.exe
2014-02-19 15:20 - 2014-02-19 15:36 - 00000000 ____D () C:\AdwCleaner
2014-02-19 15:16 - 2014-02-19 15:16 - 01241834 _____ () C:\Users\Oksana\Desktop\adwcleaner.exe
2014-02-19 11:56 - 2014-02-19 11:56 - 00240722 _____ () C:\Users\Oksana\Saved Games\Documents\Umfrage_1.odt
2014-02-19 11:31 - 2014-02-19 15:58 - 00000000 ____D () C:\FRST
2014-02-17 21:51 - 2013-09-09 19:40 - 00712264 _____ (MindSpark) C:\Program Files (x86)\2vUninstall DailyBibleGuide.dll
2014-02-17 21:51 - 2013-09-09 19:40 - 00194952 _____ () C:\Program Files (x86)\2vres.dll
2014-02-17 21:48 - 2014-02-17 21:48 - 00003276 _____ () C:\WINDOWS\System32\Tasks\{80545FAC-E919-4107-9840-DB79C54DBD1E}
2014-02-17 21:38 - 2014-02-17 21:38 - 00001564 _____ () C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
2014-02-17 21:38 - 2014-02-17 21:38 - 00001271 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-02-17 21:37 - 2014-02-17 21:38 - 00000000 ____D () C:\Users\Oksana\AppData\Roaming\DVDVideoSoft
2014-02-17 21:37 - 2014-02-17 21:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-17 21:35 - 2014-02-17 21:36 - 33000776 _____ (DVDVideoSoft Ltd. ) C:\Users\Oksana\Downloads\FreeVideoToMP3Converter5.0.32.1230.exe
2014-02-17 19:20 - 2014-02-17 19:21 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-02-17 11:49 - 2014-02-17 11:49 - 00744315 _____ () C:\Users\Oksana\Desktop\Umfrage_Exirius.odt
2014-02-16 11:07 - 2014-02-16 11:07 - 00001114 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk
2014-02-16 09:00 - 2014-02-16 09:00 - 00001880 _____ () C:\Users\Oksana\Desktop\My Pictures And Sounds.exe - Verknüpfung.lnk
2014-02-16 08:52 - 2014-02-16 08:52 - 00000000 ____D () C:\Program Files (x86)\SAGEM
2014-02-16 08:50 - 2014-02-16 08:50 - 00551679 _____ (Sagem Communication) C:\Users\Oksana\Downloads\MPAS_7_15.exe
2014-02-16 08:49 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 08:49 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 08:49 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 08:49 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 08:49 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 08:49 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 08:49 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 08:49 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 08:49 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 08:49 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 08:49 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 08:49 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 08:49 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 08:49 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 08:49 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 08:49 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 08:49 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 08:49 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 08:48 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 08:48 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 08:48 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 08:48 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 08:48 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 08:48 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 08:48 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 08:48 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 08:48 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 08:48 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 08:48 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 08:48 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 08:48 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 08:48 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 08:48 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 08:48 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 08:48 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 08:48 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 08:48 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 08:48 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 08:48 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 08:48 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 08:48 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 08:48 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 08:48 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 08:48 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 08:48 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 08:48 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 08:48 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 08:48 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 08:48 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 08:48 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 08:48 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 08:48 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 08:48 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 08:48 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 08:48 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 07:57 - 2014-02-16 07:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-12 07:13 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 07:13 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 07:12 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 07:12 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 07:12 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 07:12 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 07:12 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 07:12 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 07:11 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 07:11 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 07:11 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 07:11 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 07:11 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 07:11 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 07:11 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 07:11 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 07:11 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 07:11 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 07:11 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 07:11 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 07:11 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 07:11 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 07:11 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 07:11 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 07:11 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 07:11 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 07:11 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 07:11 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 07:11 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 07:11 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 07:11 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 07:11 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 07:11 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 07:11 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 07:11 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 07:11 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 07:11 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 07:11 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 07:11 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 07:11 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 07:11 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 07:11 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 07:11 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 07:11 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 07:11 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 07:11 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 07:11 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 07:11 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 07:11 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 07:11 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 07:11 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 07:10 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 07:10 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 07:10 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 07:10 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 07:10 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 07:10 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 07:10 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 07:10 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 07:10 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 07:10 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 07:09 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 07:09 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 07:09 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 07:09 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 07:09 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 07:09 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 07:09 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 07:09 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 07:09 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 07:09 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-11 09:17 - 2014-02-11 09:17 - 00000917 _____ () C:\Users\Oksana\Saved Games\Documents\Downloads - Verknüpfung.lnk
2014-02-09 09:46 - 2014-02-09 09:46 - 00024915 _____ () C:\Users\Oksana\Downloads\Buchhammer_Lebenslauf_20140207_Entwurf_JSodt.odt
2014-02-06 10:51 - 2014-02-06 22:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 08:38 - 2014-01-30 21:47 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-05 08:38 - 2014-01-30 21:47 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-02 12:27 - 2014-02-19 15:24 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1F1371BC-B0B2-41A3-AA6A-6A17A3E3F557}
2014-02-01 21:25 - 2014-02-01 21:25 - 00000890 _____ () C:\Users\Oksana\AppData\Local\recently-used.xbel
2014-02-01 21:07 - 2014-02-01 21:07 - 00001169 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-01 20:33 - 2014-02-01 20:41 - 00000000 ____D () C:\Users\Oksana\AppData\Local\Thunderbird
2014-02-01 20:33 - 2014-02-01 20:33 - 00002114 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-02-01 20:33 - 2014-02-01 20:33 - 00000000 ____D () C:\Users\Oksana\AppData\Roaming\Thunderbird
2014-02-01 20:31 - 2014-02-01 20:31 - 21978136 _____ (Mozilla) C:\Users\Oksana\Downloads\Thunderbird_Setup_24.1.1.exe
2014-01-27 20:49 - 2014-01-27 20:49 - 23867560 _____ (Mozilla) C:\Users\Oksana\Desktop\Firefox_Setup_26.0.exe
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-01-21 21:35 - 2014-01-21 21:35 - 00001116 _____ () C:\Users\Oksana\Desktop\FreeCommander XE.lnk
2014-01-21 21:35 - 2014-01-21 21:35 - 00000000 ____D () C:\Users\Oksana\AppData\Local\FreeCommanderXE
2014-01-21 21:35 - 2014-01-21 21:35 - 00000000 ____D () C:\Program Files (x86)\FreeCommander XE
2014-01-21 21:33 - 2014-01-21 21:34 - 11854729 _____ () C:\Users\Oksana\Downloads\FreeCommanderXE_HelpDe_setup.zip
2014-01-21 21:02 - 2014-01-21 21:42 - 00000000 ____D () C:\Users\Oksana\Chormappe
2014-01-21 21:01 - 2014-01-21 21:01 - 00367082 _____ () C:\Users\Oksana\Downloads\Chormappe.zip
2014-01-20 23:07 - 2014-01-20 23:09 - 250636796 _____ () C:\Users\Oksana\Downloads\[VipFile.co]N.A_Bozhiya_zashita.rar
==================== One Month Modified Files and Folders =======
2014-02-19 15:58 - 2014-02-19 11:31 - 00000000 ____D () C:\FRST
2014-02-19 15:52 - 2014-02-19 15:52 - 00001624 _____ () C:\Users\Oksana\Desktop\JRT.txt
2014-02-19 15:52 - 2013-01-17 11:20 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-174320049-3726716400-672341874-1002
2014-02-19 15:44 - 2013-02-13 15:05 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 15:42 - 2014-02-19 15:45 - 01037530 _____ (Thisisu) C:\Users\Oksana\Desktop\JRT.exe
2014-02-19 15:42 - 2013-01-17 18:15 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-19 15:39 - 2013-02-13 15:05 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-19 15:38 - 2013-06-07 08:40 - 00000390 _____ () C:\WINDOWS\Tasks\Tube Karaoke Update.job
2014-02-19 15:37 - 2013-04-01 17:09 - 00000436 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-02-19 15:36 - 2014-02-19 15:20 - 00000000 ____D () C:\AdwCleaner
2014-02-19 15:36 - 2013-10-30 00:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-19 15:36 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-19 15:36 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-19 15:35 - 2013-09-30 05:14 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-19 15:35 - 2013-09-30 04:56 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-19 15:35 - 2013-09-30 04:56 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-19 15:24 - 2014-02-02 12:27 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1F1371BC-B0B2-41A3-AA6A-6A17A3E3F557}
2014-02-19 15:19 - 2013-10-30 00:20 - 01937498 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-19 15:16 - 2014-02-19 15:16 - 01241834 _____ () C:\Users\Oksana\Desktop\adwcleaner.exe
2014-02-19 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-19 12:13 - 2013-06-10 16:49 - 00466944 ___SH () C:\Users\Oksana\Desktop\Thumbs.db
2014-02-19 11:56 - 2014-02-19 11:56 - 00240722 _____ () C:\Users\Oksana\Saved Games\Documents\Umfrage_1.odt
2014-02-19 08:00 - 2013-09-29 20:04 - 00008318 _____ () C:\WINDOWS\PFRO.log
2014-02-18 09:39 - 2013-02-13 15:05 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-18 09:39 - 2013-02-13 15:05 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-18 09:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-17 21:50 - 2013-12-22 20:09 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-02-17 21:48 - 2014-02-17 21:48 - 00003276 _____ () C:\WINDOWS\System32\Tasks\{80545FAC-E919-4107-9840-DB79C54DBD1E}
2014-02-17 21:47 - 2013-05-16 10:58 - 00000000 ____D () C:\Program Files (x86)\Free mp3 Wma Converter
2014-02-17 21:40 - 2013-01-27 21:05 - 00000000 ____D () C:\Users\Oksana\AppData\Roaming\vlc
2014-02-17 21:38 - 2014-02-17 21:38 - 00001564 _____ () C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
2014-02-17 21:38 - 2014-02-17 21:38 - 00001271 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-02-17 21:38 - 2014-02-17 21:37 - 00000000 ____D () C:\Users\Oksana\AppData\Roaming\DVDVideoSoft
2014-02-17 21:38 - 2014-02-17 21:37 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-17 21:36 - 2014-02-17 21:35 - 33000776 _____ (DVDVideoSoft Ltd. ) C:\Users\Oksana\Downloads\FreeVideoToMP3Converter5.0.32.1230.exe
2014-02-17 20:53 - 2013-04-21 11:03 - 00001086 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-17 19:27 - 2013-08-22 15:46 - 00421879 _____ () C:\WINDOWS\setupact.log
2014-02-17 19:21 - 2014-02-17 19:20 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-02-17 19:18 - 2013-09-10 07:32 - 00000000 ____D () C:\Users\Oksana\Desktop\Bücher
2014-02-17 11:49 - 2014-02-17 11:49 - 00744315 _____ () C:\Users\Oksana\Desktop\Umfrage_Exirius.odt
2014-02-17 09:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-16 15:25 - 2013-01-17 11:14 - 00000000 ___RD () C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 15:25 - 2013-01-17 11:14 - 00000000 ___RD () C:\Users\Oksana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-16 15:24 - 2013-08-22 15:44 - 00419712 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-16 15:23 - 2013-01-17 11:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 15:22 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 15:22 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-16 15:22 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-16 11:39 - 2013-07-28 08:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 11:36 - 2012-11-14 07:51 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 11:07 - 2014-02-16 11:07 - 00001114 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk
2014-02-16 09:00 - 2014-02-16 09:00 - 00001880 _____ () C:\Users\Oksana\Desktop\My Pictures And Sounds.exe - Verknüpfung.lnk
2014-02-16 08:52 - 2014-02-16 08:52 - 00000000 ____D () C:\Program Files (x86)\SAGEM
2014-02-16 08:50 - 2014-02-16 08:50 - 00551679 _____ (Sagem Communication) C:\Users\Oksana\Downloads\MPAS_7_15.exe
2014-02-16 07:58 - 2014-02-16 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-12 22:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-12 22:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-12 22:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-11 09:17 - 2014-02-11 09:17 - 00000917 _____ () C:\Users\Oksana\Saved Games\Documents\Downloads - Verknüpfung.lnk
2014-02-09 22:35 - 2013-03-20 10:32 - 00000000 ____D () C:\Users\Oksana\Saved Games\Documents\Laura
2014-02-09 09:53 - 2013-07-03 21:14 - 00046592 ___SH () C:\Users\Oksana\Downloads\Thumbs.db
2014-02-09 09:46 - 2014-02-09 09:46 - 00024915 _____ () C:\Users\Oksana\Downloads\Buchhammer_Lebenslauf_20140207_Entwurf_JSodt.odt
2014-02-07 17:04 - 2013-04-09 09:17 - 00000000 ____D () C:\Users\Oksana\Saved Games\Documents\Auto
2014-02-06 22:32 - 2014-02-06 10:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-06 13:16 - 2014-02-12 07:11 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 07:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 07:11 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 07:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 07:11 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 07:11 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 07:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 07:11 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-12 07:11 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 07:11 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 07:11 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 07:11 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 07:11 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 07:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 07:11 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 07:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 07:11 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 07:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 07:11 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 07:11 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 07:11 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 07:11 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 07:11 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-12 07:11 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 07:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 07:11 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 07:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 07:11 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 07:11 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 07:11 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 07:11 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 07:11 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 07:11 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 07:11 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 07:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 07:11 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 07:11 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-04 20:42 - 2013-01-17 18:15 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-02 16:35 - 2013-12-29 19:04 - 00000000 ____D () C:\Users\Oksana\Desktop\Silvester2013_14
2014-02-01 21:26 - 2013-10-25 09:58 - 00000000 ____D () C:\Users\Oksana\.gimp-2.8
2014-02-01 21:25 - 2014-02-01 21:25 - 00000890 _____ () C:\Users\Oksana\AppData\Local\recently-used.xbel
2014-02-01 21:25 - 2013-10-25 10:11 - 00000000 ____D () C:\Users\Oksana\AppData\Local\gtk-2.0
2014-02-01 21:07 - 2014-02-01 21:07 - 00001169 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-01 20:41 - 2014-02-01 20:33 - 00000000 ____D () C:\Users\Oksana\AppData\Local\Thunderbird
2014-02-01 20:33 - 2014-02-01 20:33 - 00002114 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-02-01 20:33 - 2014-02-01 20:33 - 00000000 ____D () C:\Users\Oksana\AppData\Roaming\Thunderbird
2014-02-01 20:31 - 2014-02-01 20:31 - 21978136 _____ (Mozilla) C:\Users\Oksana\Downloads\Thunderbird_Setup_24.1.1.exe
2014-01-30 21:47 - 2014-02-05 08:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2014-02-05 08:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-29 19:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-27 22:51 - 2013-10-30 00:09 - 00000000 ____D () C:\Users\Oksana
2014-01-27 20:49 - 2014-01-27 20:49 - 23867560 _____ (Mozilla) C:\Users\Oksana\Desktop\Firefox_Setup_26.0.exe
2014-01-24 14:03 - 2013-10-25 12:56 - 00091960 _____ () C:\Users\Oksana\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-23 16:39 - 2013-01-21 15:08 - 00000000 ____D () C:\Users\Oksana\AppData\Local\Adobe
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-01-21 21:42 - 2014-01-21 21:02 - 00000000 ____D () C:\Users\Oksana\Chormappe
2014-01-21 21:35 - 2014-01-21 21:35 - 00001116 _____ () C:\Users\Oksana\Desktop\FreeCommander XE.lnk
2014-01-21 21:35 - 2014-01-21 21:35 - 00000000 ____D () C:\Users\Oksana\AppData\Local\FreeCommanderXE
2014-01-21 21:35 - 2014-01-21 21:35 - 00000000 ____D () C:\Program Files (x86)\FreeCommander XE
2014-01-21 21:34 - 2014-01-21 21:33 - 11854729 _____ () C:\Users\Oksana\Downloads\FreeCommanderXE_HelpDe_setup.zip
2014-01-21 21:01 - 2014-01-21 21:01 - 00367082 _____ () C:\Users\Oksana\Downloads\Chormappe.zip
2014-01-20 23:09 - 2014-01-20 23:07 - 250636796 _____ () C:\Users\Oksana\Downloads\[VipFile.co]N.A_Bozhiya_zashita.rar
Some content of TEMP:
====================
C:\Users\Oksana\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Oksana\AppData\Local\Temp\Quarantine.exe
C:\Users\Oksana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Oksana\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Oksana\AppData\Local\Temp\vlc-2.1.3-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-19 08:11
==================== End Of Log ============================ --- --- --- |