Trojaner-Board


Raccoon 22.09.2011 21:33

"Google Redirect Virus" - How do I remove it again?

Hello everyone,

I'm new here and not quite sure whether opening this thread here is the right thing to do... (All the many colorful rules and tips have completely confused me... So after 20 minutes of reading I thought I'd just risk it!^^).

So, on to my problem, which has come up here quite often. For about a week something has been wrong with my Google. Here are the symptoms:

- All pages (e.g. bookmarks too) work fine
- Google still opens too, BUT:
- Pages opened from Google now take longer (approx. 20 sec - used to be instant!)
- Sometimes the pages don't open at all (it stops loading, too)
- Often, after entering the search term and then clicking on that page, I am redirected to a completely different one (very many different ones!)
- Images are now generally no longer displayed on Google
- Rarely, though, I can see the images after all (really very rarely)
- And sometimes I also have the feeling that other pages may actually load a bit more slowly too (e.g. YouTube videos). But that may just be my imagination...
- When I run AntiVir, it finds no viruses
- All these symptoms also show up in IE (I use Firefox, by the way)

I have also already phoned Telekom and they checked my connection - everything is fine. So it is not the internet connection or the browser...

Can you please help me? What should I do? Should I also run one of those "OTL" scans??

I'd appreciate your experienced help :)

Regards
Raccoon (Dennis)

cosinus 22.09.2011 21:35

Please now run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If there are logs from older Malwarebytes scans, please post all of those as well!

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Raccoon 25.09.2011 13:35

So, here is the full scan from Malwarebytes:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7782

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

23.09.2011 23:02:58
mbam-log-2011-09-23 (23-02-58).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 510972
Laufzeit: 1 Stunde(n), 45 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3C2D2A1E-031F-4397-9614-87C932A848E0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04A38F6B-006F-4247-BA4C-02A139D5531C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX (Adware.Minibug) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\REAL\WEATHERBUG\MINIBUGTRANSPORTER.DLL (Adware.Minibug) -> Value: MINIBUGTRANSPORTER.DLL -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files\common files\Real\weatherbug\minibugtransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.


And here is the one from Eset:


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e753b80c8134234293d95fe224027244
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-24 09:30:06
# local_time=2011-09-24 11:30:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 98813 53436594 101285 0
# compatibility_mode=5892 16776573 100 100 4469 154432466 0 0
# compatibility_mode=8192 67108863 100 0 109 109 0 0
# scanned=119
# found=0
# cleaned=0
# scan_time=68
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e753b80c8134234293d95fe224027244
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-25 12:09:51
# local_time=2011-09-25 02:09:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 143705 53481486 146177 0
# compatibility_mode=5892 16776573 100 100 1062 154477358 0 0
# compatibility_mode=8192 67108863 100 0 45001 45001 0 0
# scanned=347759
# found=3
# cleaned=0
# scan_time=7961
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe a variant of Win32/1AntiVirus application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Minaev\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\2de1bacb-335aac92 Java/Agent.DO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\mmcico32.dll a variant of Win32/Spy.Agent.NTN trojan (unable to clean) 00000000000000000000000000000000 I


Regards
Dennis

cosinus 26.09.2011 10:58

Custom scan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Raccoon 26.09.2011 17:58

Here is the OTL log then:
OTL Logfile:
Code:

OTL logfile created on: 26.09.2011 18:39:42 - Run 2
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Dennis Minaev\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 64,78% Memory free
6,71 Gb Paging File | 5,42 Gb Available in Paging File | 80,76% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 350,33 Gb Free Space | 75,22% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 22,48 Gb Free Space | 4,83% Space Free | Partition Type: NTFS
 
Computer Name: VISTA | User Name: Dennis Minaev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Dennis Minaev\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Iminent\IMBooster\IMBooster.exe (Iminent)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\QIP\qip.exe (The Author of QIP)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\SDDetect.exe ()
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files\Steam\bin\avutil-50.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\5534465ace7f8b214a31a34f56280602\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll ()
MOD - C:\Program Files\Iminent\IMBooster\de\Iminent.Booster.UI.resources.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Windows.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Workflow.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Services.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Business.TinyUrl.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Booster.UI.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll ()
MOD - C:\Program Files\Winamp\winampa.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\Windows\Microp.dll ()
MOD - C:\Windows\SDDetect.exe ()
MOD - C:\Program Files\QIP\Plugins\docking.dll ()
MOD - C:\Windows\VFDAPI.dll ()
MOD - C:\Program Files\Hercules\WebCam Station\PhotoImpression\share\pihook.dll ()
MOD - C:\Program Files\Microsoft Office\Office\MSO97.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (UPnPService) --  File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (ovt530) -- C:\Windows\System32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes)
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.iminent.com/?appId=6138b270-6754-4d97-8530-48d2aee93634&ref=homepage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,en-US;q=0.7,ru-RU;q=0.3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 07 A9 EB 5B CB C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"
FF - prefs.js..browser.search.defaultthis.engineName: "Hotspot Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.5
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2303: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2361: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1465: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.08 20:03:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.23 18:16:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\web@veoh.com: C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2009.10.14 21:43:38 | 000,000,000 | ---D | M]
 
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Extensions
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions
[2011.03.03 19:24:53 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.03.03 19:24:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.08 16:52:24 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.01 13:33:33 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011.08.01 13:33:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.15 17:26:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.13 12:39:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.15 17:26:49 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2011.06.07 20:12:27 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2009.05.16 18:25:14 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011.05.26 21:51:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com
[2011.08.18 15:55:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com
[2009.11.04 21:54:25 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\moveplayer@movenetworks.com
[2010.01.27 14:09:59 | 000,002,171 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml
[2011.03.21 16:46:44 | 000,000,931 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml
[2011.09.22 16:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml
[2009.08.04 20:19:46 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml
[2009.09.15 20:28:57 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml
[2009.11.01 15:56:31 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml
[2009.12.19 15:14:24 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml
[2010.01.10 17:15:12 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml
[2010.01.31 21:54:09 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml
[2010.03.21 12:15:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml
[2010.03.24 17:38:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml
[2010.03.29 22:46:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml
[2010.06.27 13:07:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml
[2008.12.19 18:42:00 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml
[2010.07.03 21:18:26 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml
[2010.07.22 21:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml
[2010.07.25 15:15:53 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml
[2010.08.08 16:58:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml
[2010.10.06 19:47:08 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml
[2011.01.06 18:36:51 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml
[2011.02.07 15:05:30 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml
[2011.03.02 15:22:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml
[2011.03.03 19:25:41 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml
[2011.03.07 14:35:07 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml
[2009.02.04 21:19:55 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml
[2011.03.22 20:51:11 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml
[2011.05.05 21:16:44 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml
[2011.05.05 22:18:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml
[2011.07.04 19:48:19 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml
[2011.08.15 18:06:46 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml
[2011.09.04 19:39:39 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml
[2011.09.08 20:03:23 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml
[2009.03.06 17:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml
[2009.03.29 15:00:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml
[2009.04.25 12:56:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml
[2009.04.28 16:07:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml
[2009.06.14 18:17:50 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml
[2009.07.22 12:24:54 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml
[2011.08.18 21:40:40 | 000,000,168 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.gif
[2011.08.18 21:40:40 | 000,000,618 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.src
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml
[2010.08.08 21:19:54 | 000,002,062 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml
[2011.09.19 17:19:43 | 000,002,230 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\SearchTheWeb.xml
[2009.05.18 16:26:49 | 000,001,196 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml
[2011.08.15 18:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.11.07 16:27:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.03 22:48:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.06 18:22:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.22 19:17:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.06.07 20:12:15 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files\mozilla firefox\extensions\webbooster@iminent.com
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2011.09.08 20:03:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.04 19:39:27 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.05 21:53:04 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.09.04 19:39:27 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.04 19:39:27 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.04 19:39:27 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.10 02:21:02 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2011.09.04 19:39:27 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.04 19:39:27 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: VeohTV Plugin (Enabled) = C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
CHR - plugin: Veoh Web Player Beta (Enabled) = C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Users\Dennis Minaev\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Dennis Minaev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found.
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe (Iminent)
O4 - HKLM..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe (Iminent)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VFD_DISPLAY] C:\Windows\SDDetect.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus DX5000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\RunOnce: [.IMinentUpdate] C:\Users\DENNIS~1\AppData\Local\Temp\NotifierSetup.exe File not found
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C8D4F44-9D7E-4DA8-B2D6-415707E73AFD}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\Windows\System32\KMVIDC32.DLL ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.26 17:13:02 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011.09.24 23:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.09.24 23:26:35 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.24 22:36:38 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Desktop\Subway to Sally
[2011.09.24 22:36:19 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Desktop\Rock
[2011.09.23 23:15:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.09.23 21:01:02 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2011.09.23 21:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.23 21:00:53 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.09.23 21:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.09.23 21:00:15 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.23 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Documents\MAGIX_MusicEditor
[2011.09.23 20:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2011.09.23 20:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2011.09.20 22:16:35 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.26 17:54:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.26 17:44:08 | 000,643,810 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.26 17:44:08 | 000,608,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.26 17:44:08 | 000,133,548 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.26 17:44:08 | 000,109,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.26 17:13:08 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.09.26 17:13:08 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.09.26 17:13:00 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.26 17:13:00 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.26 17:13:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.26 17:12:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.25 20:37:05 | 000,195,072 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.24 23:26:37 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.23 21:00:57 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.23 21:00:23 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.21 17:15:28 | 000,519,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 22:16:37 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:26 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.17 23:55:42 | 000,001,356 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2011.09.10 19:51:41 | 000,001,197 | ---- | M] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.23 21:00:57 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.21 17:15:01 | 000,519,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 18:49:26 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.10 19:51:41 | 000,001,197 | ---- | C] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.03.20 14:51:49 | 000,028,672 | ---- | C] () -- C:\Windows\System32\mmcico32.dll
[2011.02.10 19:40:44 | 000,606,208 | ---- | C] () -- C:\Windows\System32\pngd3l32.dll
[2010.11.22 21:58:25 | 000,036,352 | ---- | C] () -- C:\Windows\System32\sxgunins.dll
[2010.11.22 21:58:22 | 000,028,672 | ---- | C] () -- C:\Windows\Oiduts.dll
[2010.11.22 21:58:22 | 000,000,227 | ---- | C] () -- C:\Windows\sxg07.ini
[2010.05.10 19:14:34 | 000,044,953 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.04.18 19:49:50 | 000,000,116 | ---- | C] () -- C:\Windows\System32\applet.ini
[2010.03.13 12:34:47 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010.01.06 22:12:07 | 000,000,101 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\fusioncache.dat
[2009.12.12 01:24:51 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.11 21:43:14 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.12 12:08:31 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
[2009.08.08 01:24:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.08 01:24:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.03 18:58:01 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.06.03 18:58:00 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.06.03 18:58:00 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.06.03 18:43:06 | 000,036,105 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2009.05.12 19:01:21 | 000,000,179 | ---- | C] () -- C:\Windows\dievölkergold.ini
[2009.04.18 13:50:18 | 000,001,013 | ---- | C] () -- C:\Windows\eReg.dat
[2008.11.28 14:53:34 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.11.27 11:54:59 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.11.27 00:58:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.26 23:36:16 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008.11.26 23:36:16 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008.11.26 23:36:16 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008.11.26 23:36:16 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008.11.26 23:36:16 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008.11.26 23:36:16 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008.11.26 23:36:16 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008.11.26 23:36:16 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008.11.26 23:36:16 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008.11.26 23:36:16 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008.11.26 23:36:16 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008.11.26 23:36:16 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008.11.26 23:36:16 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008.11.26 23:36:16 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008.11.26 23:36:16 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.11.26 23:34:02 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX5000EFDG.ini
[2008.11.24 20:06:33 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.11.24 18:27:30 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.11.24 18:27:30 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.11.24 18:27:30 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.11.24 18:27:30 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.11.24 18:27:30 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.11.24 18:27:30 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.11.20 23:11:03 | 000,064,512 | ---- | C] () -- C:\Windows\System32\drivers\SENTINEL.SYS
[2008.11.20 23:11:03 | 000,038,400 | ---- | C] () -- C:\Windows\System32\SNTI386.DLL
[2008.11.20 23:11:03 | 000,016,896 | ---- | C] () -- C:\Windows\System32\RNBOVDD.DLL
[2008.11.20 23:11:02 | 000,000,000 | ---- | C] () -- C:\Windows\MTSTACK.INI
[2008.11.20 22:00:19 | 000,024,227 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Roaming\UserTile.png
[2008.11.20 21:39:26 | 000,000,634 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.11.20 21:39:25 | 000,001,111 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.11.20 03:07:10 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.11.20 00:26:31 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.11.20 00:26:30 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.11.19 23:47:26 | 000,000,060 | ---- | C] () -- C:\Windows\REGKEYCR.INI
[2008.11.19 22:35:05 | 000,001,444 | ---- | C] () -- C:\Windows\photoimpression.ini
[2008.11.19 22:34:37 | 000,000,021 | ---- | C] () -- C:\Windows\PI_setup.ini
[2008.11.19 09:07:25 | 000,643,810 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.11.19 09:07:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.11.19 09:07:25 | 000,133,548 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.11.19 09:07:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.11.19 00:51:51 | 000,770,048 | ---- | C] () -- C:\Windows\Microp.dll
[2008.11.19 00:51:51 | 000,225,280 | ---- | C] () -- C:\Windows\SDDetect.exe
[2008.11.19 00:51:51 | 000,131,072 | ---- | C] () -- C:\Windows\VFDAPI.dll
[2008.11.19 00:51:51 | 000,045,056 | ---- | C] () -- C:\Windows\RcKey.dll
[2008.11.19 00:41:54 | 000,004,984 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.11.19 00:28:15 | 000,195,072 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.19 00:19:23 | 000,001,356 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2007.08.16 16:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,608,708 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,109,842 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.12.21 17:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll
[2005.12.21 17:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[1997.09.04 01:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\VADE232.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[1997.09.04 00:00:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\WRKGADM.EXE
[1997.09.04 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997.09.04 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997.09.04 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DLL
 
========== LOP Check ==========
 
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2011.09.02 17:54:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
[2011.09.25 22:58:34 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.01.24 13:37:36 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Adobe
[2008.12.13 16:47:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Ahead
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2008.11.20 02:13:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ArcSoft
[2010.10.18 17:35:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Avira
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2009.08.12 11:05:39 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CorelHomeOffice
[2008.11.22 20:14:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CyberLink
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2010.11.14 18:11:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DivX
[2010.07.24 00:35:23 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\dvdcss
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2008.11.20 03:10:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Google
[2011.08.09 16:13:56 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Hamachi
[2011.09.02 17:54:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Identities
[2008.11.26 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InstallShield
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2008.11.20 03:10:48 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Macromedia
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2011.09.23 21:01:02 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Media Center Programs
[2011.06.07 20:12:20 | 000,000,000 | --SD | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2008.11.20 03:07:10 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Real
[2009.08.08 03:56:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Roxio
[2009.01.10 13:08:31 | 000,000,000 | RH-D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\SecuROM
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2011.09.03 16:24:13 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\vlc
[2011.09.25 19:10:46 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Winamp
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.10.24 15:53:42 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\WinRAR
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
 
< %APPDATA%\*.exe /s >
[2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\shellExecute.exe
[2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\sleep.exe
[2010.03.05 17:49:50 | 000,197,632 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\TbHelper2.exe
[2010.03.12 18:45:00 | 000,042,496 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\uninstall.exe
[2010.03.12 18:45:00 | 000,056,832 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\update.exe
[2010.03.19 13:04:44 | 000,152,664 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\drivers\ahcix86s.sys
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_71554ba4\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\drivers\nvstor32.sys
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_04bc6797\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >

--- --- ---


Regards
Dennis

cosinus 26.09.2011 19:46

Quote:

O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Why are you cluttering up your system with useless toolbars?
Via the Control Panel, under Add or Remove Programs or Programs and Features, uninstall everything where "Toolbar" shows up. For future program installations, always choose the custom installation method so that you can deselect any toolbars during the installation.
While you're at it, also uninstall all other unnecessary programs via the Control Panel.

After that, create a new OTL custom log.

Raccoon 27.09.2011 18:30

OK.

OTL Logfile:
Code:

OTL logfile created on: 27.09.2011 19:11:42 - Run 3
OTL by OldTimer - Version 3.2.29.1    Folder = C:\Users\Dennis Minaev\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 62,16% Memory free
6,71 Gb Paging File | 5,35 Gb Available in Paging File | 79,62% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 346,17 Gb Free Space | 74,33% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 22,48 Gb Free Space | 4,83% Space Free | Partition Type: NTFS
 
Computer Name: VISTA | User Name: Dennis Minaev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Dennis Minaev\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\QIP\qip.exe (The Author of QIP)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\SDDetect.exe ()
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files\Steam\bin\avutil-50.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\Winamp\winampa.exe ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Windows\Microp.dll ()
MOD - C:\Windows\SDDetect.exe ()
MOD - C:\Program Files\QIP\Plugins\docking.dll ()
MOD - C:\Windows\VFDAPI.dll ()
MOD - C:\Program Files\Hercules\WebCam Station\PhotoImpression\Share\PIHook.dll ()
MOD - C:\Program Files\Microsoft Office\Office\MSO97.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (UPnPService) --  File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (ovt530) -- C:\Windows\System32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes)
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=18827
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,en-US;q=0.7,ru-RU;q=0.3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 07 A9 EB 5B CB C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Hotspot Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.5
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.08 20:03:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.23 18:16:51 | 000,000,000 | ---D | M]
 
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Extensions
[2011.09.26 22:22:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions
[2011.03.03 19:24:53 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.03.03 19:24:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.08 16:52:24 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.01 13:33:33 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011.08.01 13:33:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.15 17:26:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.13 12:39:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.15 17:26:49 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2011.06.07 20:12:27 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.05.26 21:51:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com
[2011.08.18 15:55:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com
[2009.11.04 21:54:25 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\moveplayer@movenetworks.com
[2010.01.27 14:09:59 | 000,002,171 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml
[2011.03.21 16:46:44 | 000,000,931 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml
[2011.09.22 16:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml
[2009.08.04 20:19:46 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml
[2009.09.15 20:28:57 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml
[2009.11.01 15:56:31 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml
[2009.12.19 15:14:24 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml
[2010.01.10 17:15:12 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml
[2010.01.31 21:54:09 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml
[2010.03.21 12:15:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml
[2010.03.24 17:38:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml
[2010.03.29 22:46:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml
[2010.06.27 13:07:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml
[2008.12.19 18:42:00 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml
[2010.07.03 21:18:26 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml
[2010.07.22 21:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml
[2010.07.25 15:15:53 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml
[2010.08.08 16:58:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml
[2010.10.06 19:47:08 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml
[2011.01.06 18:36:51 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml
[2011.02.07 15:05:30 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml
[2011.03.02 15:22:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml
[2011.03.03 19:25:41 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml
[2011.03.07 14:35:07 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml
[2009.02.04 21:19:55 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml
[2011.03.22 20:51:11 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml
[2011.05.05 21:16:44 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml
[2011.05.05 22:18:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml
[2011.07.04 19:48:19 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml
[2011.08.15 18:06:46 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml
[2011.09.04 19:39:39 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml
[2011.09.08 20:03:23 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml
[2011.09.27 17:35:47 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-37.xml
[2009.03.06 17:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml
[2009.03.29 15:00:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml
[2009.04.25 12:56:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml
[2009.04.28 16:07:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml
[2009.06.14 18:17:50 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml
[2009.07.22 12:24:54 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml
[2010.08.08 21:19:54 | 000,002,062 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml
[2009.05.18 16:26:49 | 000,001,196 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml
[2011.09.27 17:35:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.11.07 16:27:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.03 22:48:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.06 18:22:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.22 19:17:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2011.09.08 20:03:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.04 19:39:27 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.05 21:53:04 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.09.04 19:39:27 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.04 19:39:27 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.04 19:39:27 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.04 19:39:27 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.04 19:39:27 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C3CD744D-2FAE-4640-8297-16B5DA423104} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VFD_DISPLAY] C:\Windows\SDDetect.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus DX5000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C8D4F44-9D7E-4DA8-B2D6-415707E73AFD}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\Windows\System32\KMVIDC32.DLL ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.27 19:04:50 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011.09.24 23:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.09.24 23:26:35 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.24 22:36:38 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Desktop\Subway to Sally
[2011.09.23 21:01:02 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2011.09.23 21:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.23 21:00:53 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.09.23 21:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.09.23 21:00:15 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.23 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Documents\MAGIX_MusicEditor
[2011.09.23 20:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2011.09.23 20:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2011.09.20 22:16:35 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.27 19:04:56 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.09.27 19:04:55 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.09.27 19:04:47 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.27 19:04:46 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.27 19:04:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.27 19:04:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.27 18:54:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.26 22:30:52 | 000,000,097 | ---- | M] () -- C:\Windows\System32\WININIT.INI
[2011.09.26 22:30:51 | 000,000,000 | ---- | M] () -- C:\Windows\7thlevel.ini
[2011.09.26 19:16:31 | 000,195,584 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.26 17:44:08 | 000,643,810 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.26 17:44:08 | 000,608,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.26 17:44:08 | 000,133,548 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.26 17:44:08 | 000,109,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.24 23:26:37 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.23 21:00:57 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.23 21:00:23 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.21 17:15:28 | 000,519,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 22:16:37 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:26 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.17 23:55:42 | 000,001,356 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2011.09.10 19:51:41 | 000,001,197 | ---- | M] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.26 22:30:52 | 000,000,097 | ---- | C] () -- C:\Windows\System32\WININIT.INI
[2011.09.26 22:30:51 | 000,000,000 | ---- | C] () -- C:\Windows\7thlevel.ini
[2011.09.23 21:00:57 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.21 17:15:01 | 000,519,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 18:49:26 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.10 19:51:41 | 000,001,197 | ---- | C] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.03.20 14:51:49 | 000,028,672 | ---- | C] () -- C:\Windows\System32\mmcico32.dll
[2011.02.10 19:40:44 | 000,606,208 | ---- | C] () -- C:\Windows\System32\pngd3l32.dll
[2010.11.22 21:58:25 | 000,036,352 | ---- | C] () -- C:\Windows\System32\sxgunins.dll
[2010.11.22 21:58:22 | 000,028,672 | ---- | C] () -- C:\Windows\Oiduts.dll
[2010.11.22 21:58:22 | 000,000,227 | ---- | C] () -- C:\Windows\sxg07.ini
[2010.05.10 19:14:34 | 000,044,953 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.03.13 12:34:47 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010.01.06 22:12:07 | 000,000,101 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\fusioncache.dat
[2009.12.12 01:24:51 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.11 21:43:14 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.12 12:08:31 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
[2009.08.08 01:24:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.08 01:24:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.03 18:58:01 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.06.03 18:58:00 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.06.03 18:58:00 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.06.03 18:43:06 | 000,036,105 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2009.05.12 19:01:21 | 000,000,179 | ---- | C] () -- C:\Windows\dievölkergold.ini
[2009.04.18 13:50:18 | 000,001,013 | ---- | C] () -- C:\Windows\eReg.dat
[2008.11.28 14:53:34 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.11.27 11:54:59 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.11.27 00:58:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.26 23:36:16 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008.11.26 23:36:16 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008.11.26 23:36:16 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008.11.26 23:36:16 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008.11.26 23:36:16 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008.11.26 23:36:16 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008.11.26 23:36:16 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008.11.26 23:36:16 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008.11.26 23:36:16 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008.11.26 23:36:16 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008.11.26 23:36:16 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008.11.26 23:36:16 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008.11.26 23:36:16 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008.11.26 23:36:16 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008.11.26 23:36:16 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.11.26 23:34:02 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX5000EFDG.ini
[2008.11.24 20:06:33 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.11.20 23:11:03 | 000,064,512 | ---- | C] () -- C:\Windows\System32\drivers\SENTINEL.SYS
[2008.11.20 23:11:03 | 000,038,400 | ---- | C] () -- C:\Windows\System32\SNTI386.DLL
[2008.11.20 23:11:03 | 000,016,896 | ---- | C] () -- C:\Windows\System32\RNBOVDD.DLL
[2008.11.20 23:11:02 | 000,000,000 | ---- | C] () -- C:\Windows\MTSTACK.INI
[2008.11.20 22:00:19 | 000,024,227 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Roaming\UserTile.png
[2008.11.20 21:39:26 | 000,000,634 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.11.20 21:39:25 | 000,001,111 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.11.20 03:07:10 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.11.20 00:26:31 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.11.20 00:26:30 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.11.19 23:47:26 | 000,000,060 | ---- | C] () -- C:\Windows\REGKEYCR.INI
[2008.11.19 22:35:05 | 000,001,444 | ---- | C] () -- C:\Windows\photoimpression.ini
[2008.11.19 22:34:37 | 000,000,021 | ---- | C] () -- C:\Windows\PI_setup.ini
[2008.11.19 09:07:25 | 000,643,810 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.11.19 09:07:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.11.19 09:07:25 | 000,133,548 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.11.19 09:07:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.11.19 00:51:51 | 000,770,048 | ---- | C] () -- C:\Windows\Microp.dll
[2008.11.19 00:51:51 | 000,225,280 | ---- | C] () -- C:\Windows\SDDetect.exe
[2008.11.19 00:51:51 | 000,131,072 | ---- | C] () -- C:\Windows\VFDAPI.dll
[2008.11.19 00:51:51 | 000,045,056 | ---- | C] () -- C:\Windows\RcKey.dll
[2008.11.19 00:41:54 | 000,004,984 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.11.19 00:28:15 | 000,195,584 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.19 00:19:23 | 000,001,356 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2007.08.16 16:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,608,708 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,109,842 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.12.21 17:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll
[2005.12.21 17:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[1997.09.04 01:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\VADE232.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[1997.09.04 00:00:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\WRKGADM.EXE
[1997.09.04 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997.09.04 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997.09.04 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DLL
 
========== LOP Check ==========
 
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2011.09.26 22:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
[2011.09.27 19:04:44 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.01.24 13:37:36 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Adobe
[2008.12.13 16:47:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Ahead
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2008.11.20 02:13:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ArcSoft
[2010.10.18 17:35:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Avira
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2009.08.12 11:05:39 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CorelHomeOffice
[2008.11.22 20:14:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CyberLink
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2010.11.14 18:11:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DivX
[2010.07.24 00:35:23 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\dvdcss
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2008.11.20 03:10:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Google
[2011.08.09 16:13:56 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Hamachi
[2011.09.26 22:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Identities
[2008.11.26 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InstallShield
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2008.11.20 03:10:48 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Macromedia
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2011.09.23 21:01:02 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Media Center Programs
[2011.09.27 17:35:45 | 000,000,000 | --SD | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2011.09.26 22:32:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Real
[2009.08.08 03:56:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Roxio
[2009.01.10 13:08:31 | 000,000,000 | RH-D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\SecuROM
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2011.09.26 22:14:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Winamp
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.10.24 15:53:42 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\WinRAR
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
 
< %APPDATA%\*.exe /s >
[2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\shellExecute.exe
[2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\sleep.exe
[2010.03.05 17:49:50 | 000,197,632 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\TbHelper2.exe
[2010.03.12 18:45:00 | 000,042,496 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\uninstall.exe
[2010.03.12 18:45:00 | 000,056,832 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\update.exe
[2010.03.19 13:04:44 | 000,152,664 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\drivers\ahcix86s.sys
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_71554ba4\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\drivers\nvstor32.sys
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_04bc6797\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<          >

< End of report >

--- --- ---

Regards
Dennis

cosinus 27.09.2011 19:34

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
[2010.08.08 16:52:24 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.01 13:33:33 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011.08.01 13:33:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.15 17:26:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.13 12:39:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.15 17:26:49 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2011.06.07 20:12:27 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.05.26 21:51:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com
[2011.08.18 15:55:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com
[2010.01.27 14:09:59 | 000,002,171 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml
[2011.03.21 16:46:44 | 000,000,931 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml
[2011.09.22 16:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml
[2009.08.04 20:19:46 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml
[2009.09.15 20:28:57 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml
[2009.11.01 15:56:31 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml
[2009.12.19 15:14:24 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml
[2010.01.10 17:15:12 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml
[2010.01.31 21:54:09 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml
[2010.03.21 12:15:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml
[2010.03.24 17:38:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml
[2010.03.29 22:46:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml
[2010.06.27 13:07:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml
[2008.12.19 18:42:00 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml
[2010.07.03 21:18:26 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml
[2010.07.22 21:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml
[2010.07.25 15:15:53 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml
[2010.08.08 16:58:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml
[2010.10.06 19:47:08 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml
[2011.01.06 18:36:51 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml
[2011.02.07 15:05:30 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml
[2011.03.02 15:22:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml
[2011.03.03 19:25:41 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml
[2011.03.07 14:35:07 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml
[2009.02.04 21:19:55 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml
[2011.03.22 20:51:11 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml
[2011.05.05 21:16:44 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml
[2011.05.05 22:18:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml
[2011.07.04 19:48:19 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml
[2011.08.15 18:06:46 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml
[2011.09.04 19:39:39 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml
[2011.09.08 20:03:23 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml
[2011.09.27 17:35:47 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-37.xml
[2009.03.06 17:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml
[2009.03.29 15:00:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml
[2009.04.25 12:56:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml
[2009.04.28 16:07:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml
[2009.06.14 18:17:50 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml
[2009.07.22 12:24:54 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml
[2010.08.08 21:19:54 | 000,002,062 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml
[2009.05.18 16:26:49 | 000,001,196 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml
[2011.05.05 21:53:04 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C3CD744D-2FAE-4640-8297-16B5DA423104} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

To be safe, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Raccoon 29.09.2011 17:21

Here is the result:


All processes killed
========== OTL ==========
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\modules folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\modules folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6 folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-37.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C3CD744D-2FAE-4640-8297-16B5DA423104} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3CD744D-2FAE-4640-8297-16B5DA423104}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
C:\Program Files\Winamp\winampa.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dennis Minaev
->Temp folder emptied: 114912410 bytes
->Temporary Internet Files folder emptied: 2840323 bytes
->Java cache emptied: 40187140 bytes
->FireFox cache emptied: 63974922 bytes
->Flash cache emptied: 8026 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 825375 bytes
RecycleBin emptied: 20419 bytes

Total Files Cleaned = 212,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 09292011_181511

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Regards
Dennis

cosinus 29.09.2011 18:56

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click "change parameters" and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

Raccoon 29.09.2011 19:26

Hi,
just so I don't do anything wrong here: for the findings (four in total), should I press "Skip" or "Delete", and then go on with "Continue"?

Regards
Dennis

cosinus 29.09.2011 19:31

First we would need to know what exactly was found there.

Raccoon 29.09.2011 19:35

See attachment.

Regards
Dennis

cosinus 29.09.2011 19:42

ElbyCDIO => do you have CloneDVD or something like AnyDVD installed?
I think you can leave the first two Elby things alone; have the rest removed.

Raccoon 29.09.2011 19:57

Attached is the report.

EDIT: Here, after another scan, is presumably the "right" report:

21:03:00.0884 3956 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
21:03:01.0080 3956 ============================================================
21:03:01.0080 3956 Current date / time: 2011/09/29 21:03:01.0080
21:03:01.0080 3956 SystemInfo:
21:03:01.0080 3956
21:03:01.0080 3956 OS Version: 6.0.6002 ServicePack: 2.0
21:03:01.0080 3956 Product type: Workstation
21:03:01.0081 3956 ComputerName: VISTA
21:03:01.0081 3956 UserName: Dennis Minaev
21:03:01.0081 3956 Windows directory: C:\Windows
21:03:01.0081 3956 System windows directory: C:\Windows
21:03:01.0081 3956 Processor architecture: Intel x86
21:03:01.0081 3956 Number of processors: 4
21:03:01.0081 3956 Page size: 0x1000
21:03:01.0081 3956 Boot type: Normal boot
21:03:01.0081 3956 ============================================================
21:03:02.0499 3956 Initialize success
21:03:07.0136 2804 ============================================================
21:03:07.0136 2804 Scan started
21:03:07.0136 2804 Mode: Manual; SigCheck; TDLFS;
21:03:07.0136 2804 ============================================================
21:03:10.0660 2804 ElbyCDIO (37c3a9fef349d13685ec9c2acaaeafce) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:03:10.0664 2804 ElbyCDIO ( UnsignedFile.Multi.Generic ) - warning
21:03:10.0664 2804 ElbyCDIO - detected UnsignedFile.Multi.Generic (1)
21:03:10.0691 2804 ElbyDelay (8d35affbeed58fd66e9fad223de33718) C:\Windows\system32\Drivers\ElbyDelay.sys
21:03:10.0695 2804 ElbyDelay ( UnsignedFile.Multi.Generic ) - warning
21:03:10.0695 2804 ElbyDelay - detected UnsignedFile.Multi.Generic (1)
21:03:21.0767 2804 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:03:21.0803 2804 ws2ifsl - ok
21:03:21.0863 2804 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
21:03:21.0877 2804 WudfPf - ok
21:03:21.0909 2804 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:03:21.0923 2804 WUDFRd - ok
21:03:21.0972 2804 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:03:22.0055 2804 \Device\Harddisk0\DR0 - ok
21:03:22.0513 2804 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
21:03:22.0564 2804 \Device\Harddisk1\DR1 - ok
21:03:22.0583 2804 Boot (0x1200) (23e2b1ae14f050890a65fbb4378e7859) \Device\Harddisk0\DR0\Partition0
21:03:22.0584 2804 \Device\Harddisk0\DR0\Partition0 - ok
21:03:22.0588 2804 Boot (0x1200) (706b89b6868885f300ca8fc5902ef18e) \Device\Harddisk1\DR1\Partition0
21:03:22.0588 2804 \Device\Harddisk1\DR1\Partition0 - ok
21:03:22.0591 2804 ============================================================
21:03:22.0591 2804 Scan finished
21:03:22.0591 2804 ============================================================
21:03:22.0604 0824 Detected object count: 2
21:03:22.0604 0824 Actual detected object count: 2
21:03:27.0255 0824 ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:27.0255 0824 ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:27.0257 0824 ElbyDelay ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:27.0257 0824 ElbyDelay ( UnsignedFile.Multi.Generic ) - User select action: Skip


Regards
Dennis

cosinus 29.09.2011 20:14

Quote:

21:03:27.0255 0824 ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:27.0255 0824 ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:27.0257 0824 ElbyDelay ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:27.0257 0824 ElbyDelay ( UnsignedFile.Multi.Generic ) - User select action: Skip

Why is it only Elby now? Earlier, TDSS-Killer still showed something more!

Raccoon 29.09.2011 20:19

I don't quite understand that...
So I left the two Elby things alone and had the other three deleted. What should I do now?

Regards
Dennis

cosinus 29.09.2011 20:20

Yes, but "the others" don't appear in the last log, which is why I asked. Maybe you posted the wrong log, or posted the log incompletely.

Raccoon 29.09.2011 20:29

Hm, so on a rescan only the Elby things show up now...
Here is the new scan, copied in full:

21:27:21.0578 3024 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
21:27:21.0776 3024 ============================================================
21:27:21.0777 3024 Current date / time: 2011/09/29 21:27:21.0776
21:27:21.0777 3024 SystemInfo:
21:27:21.0777 3024
21:27:21.0777 3024 OS Version: 6.0.6002 ServicePack: 2.0
21:27:21.0777 3024 Product type: Workstation
21:27:21.0777 3024 ComputerName: VISTA
21:27:21.0777 3024 UserName: Dennis Minaev
21:27:21.0777 3024 Windows directory: C:\Windows
21:27:21.0777 3024 System windows directory: C:\Windows
21:27:21.0777 3024 Processor architecture: Intel x86
21:27:21.0777 3024 Number of processors: 4
21:27:21.0777 3024 Page size: 0x1000
21:27:21.0777 3024 Boot type: Normal boot
21:27:21.0777 3024 ============================================================
21:27:23.0202 3024 Initialize success
21:27:37.0129 2164 ============================================================
21:27:37.0129 2164 Scan started
21:27:37.0129 2164 Mode: Manual; SigCheck; TDLFS;
21:27:37.0129 2164 ============================================================
21:27:40.0299 2164 ElbyCDIO (37c3a9fef349d13685ec9c2acaaeafce) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:27:40.0303 2164 ElbyCDIO ( UnsignedFile.Multi.Generic ) - warning
21:27:40.0303 2164 ElbyCDIO - detected UnsignedFile.Multi.Generic (1)
21:27:40.0330 2164 ElbyDelay (8d35affbeed58fd66e9fad223de33718) C:\Windows\system32\Drivers\ElbyDelay.sys
21:27:40.0334 2164 ElbyDelay ( UnsignedFile.Multi.Generic ) - warning
21:27:40.0334 2164 ElbyDelay - detected UnsignedFile.Multi.Generic (1)
21:27:49.0486 2164 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
21:27:49.0506 2164 usbehci - ok
21:27:49.0543 2164 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
21:27:49.0565 2164 usbhub - ok
21:27:49.0582 2164 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
21:27:49.0602 2164 usbohci - ok
21:27:49.0629 2164 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:27:49.0655 2164 usbprint - ok
21:27:49.0692 2164 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
21:27:49.0711 2164 usbscan - ok
21:27:49.0731 2164 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:27:49.0752 2164 USBSTOR - ok
21:27:49.0763 2164 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
21:27:49.0784 2164 usbuhci - ok
21:27:49.0823 2164 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
21:27:49.0848 2164 vga - ok
21:27:49.0873 2164 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:27:49.0899 2164 VgaSave - ok
21:27:49.0937 2164 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
21:27:49.0947 2164 viaagp - ok
21:27:49.0988 2164 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
21:27:50.0013 2164 ViaC7 - ok
21:27:50.0031 2164 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
21:27:50.0042 2164 viaide - ok
21:27:50.0068 2164 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:27:50.0078 2164 volmgr - ok
21:27:50.0120 2164 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:27:50.0136 2164 volmgrx - ok
21:27:50.0164 2164 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
21:27:50.0179 2164 volsnap - ok
21:27:50.0216 2164 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
21:27:50.0227 2164 vsmraid - ok
21:27:50.0267 2164 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:27:50.0310 2164 WacomPen - ok
21:27:50.0328 2164 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:27:50.0348 2164 Wanarp - ok
21:27:50.0361 2164 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:27:50.0383 2164 Wanarpv6 - ok
21:27:50.0410 2164 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
21:27:50.0419 2164 Wd - ok
21:27:50.0454 2164 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:27:50.0475 2164 Wdf01000 - ok
21:27:50.0640 2164 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
21:27:50.0660 2164 winusb - ok
21:27:50.0684 2164 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:27:50.0704 2164 WmiAcpi - ok
21:27:50.0776 2164 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
21:27:50.0789 2164 WpdUsb - ok
21:27:50.0815 2164 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:27:50.0840 2164 ws2ifsl - ok
21:27:50.0903 2164 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
21:27:50.0916 2164 WudfPf - ok
21:27:50.0948 2164 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:27:50.0965 2164 WUDFRd - ok
21:27:51.0011 2164 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:27:51.0094 2164 \Device\Harddisk0\DR0 - ok
21:27:51.0561 2164 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
21:27:51.0612 2164 \Device\Harddisk1\DR1 - ok
21:27:51.0640 2164 Boot (0x1200) (23e2b1ae14f050890a65fbb4378e7859) \Device\Harddisk0\DR0\Partition0
21:27:51.0641 2164 \Device\Harddisk0\DR0\Partition0 - ok
21:27:51.0645 2164 Boot (0x1200) (706b89b6868885f300ca8fc5902ef18e) \Device\Harddisk1\DR1\Partition0
21:27:51.0645 2164 \Device\Harddisk1\DR1\Partition0 - ok
21:27:51.0648 2164 ============================================================
21:27:51.0648 2164 Scan finished
21:27:51.0648 2164 ============================================================
21:27:51.0661 1188 Detected object count: 2
21:27:51.0661 1188 Actual detected object count: 2
21:28:11.0072 1188 ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:28:11.0072 1188 ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:28:11.0075 1188 ElbyDelay ( UnsignedFile.Multi.Generic ) - skipped by user
21:28:11.0075 1188 ElbyDelay ( UnsignedFile.Multi.Generic ) - User select action: Skip


Regards
Dennis

cosinus 29.09.2011 20:30

All logs should be located directly on C: - please post the one where the others were fixed

Raccoon 29.09.2011 20:35

OK, here it is:

20:19:31.0626 15864 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
20:19:31.0859 15864 ============================================================
20:19:31.0859 15864 Current date / time: 2011/09/29 20:19:31.0859
20:19:31.0859 15864 SystemInfo:
20:19:31.0859 15864
20:19:31.0859 15864 OS Version: 6.0.6002 ServicePack: 2.0
20:19:31.0859 15864 Product type: Workstation
20:19:31.0859 15864 ComputerName: VISTA
20:19:31.0860 15864 UserName: Dennis Minaev
20:19:31.0860 15864 Windows directory: C:\Windows
20:19:31.0860 15864 System windows directory: C:\Windows
20:19:31.0860 15864 Processor architecture: Intel x86
20:19:31.0860 15864 Number of processors: 4
20:19:31.0860 15864 Page size: 0x1000
20:19:31.0860 15864 Boot type: Normal boot
20:19:31.0860 15864 ============================================================
20:19:33.0556 15864 Initialize success
20:20:35.0796 14580 ============================================================
20:20:35.0796 14580 Scan started
20:20:35.0796 14580 Mode: Manual; SigCheck; TDLFS;
20:20:35.0796 14580 ============================================================
20:20:54.0726 14580 ElbyCDIO (37c3a9fef349d13685ec9c2acaaeafce) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:20:54.0740 14580 ElbyCDIO ( UnsignedFile.Multi.Generic ) - warning
20:20:54.0740 14580 ElbyCDIO - detected UnsignedFile.Multi.Generic (1)
20:20:54.0765 14580 ElbyDelay (8d35affbeed58fd66e9fad223de33718) C:\Windows\system32\Drivers\ElbyDelay.sys
20:20:54.0784 14580 ElbyDelay ( UnsignedFile.Multi.Generic ) - warning
20:20:54.0784 14580 ElbyDelay - detected UnsignedFile.Multi.Generic (1)
20:20:55.0824 14580 hid1tkis (11b0f2a7822b92fca5f1b74b231783bc) C:\Windows\system32\drivers\hid1tkis.sys
20:20:55.0943 14580 hid1tkis ( UnsignedFile.Multi.Generic ) - warning
20:20:55.0943 14580 hid1tkis - detected UnsignedFile.Multi.Generic (1)
20:21:03.0451 14580 ovt530 (71cffb1e06aa8978a7b4a346c191f8ba) C:\Windows\system32\Drivers\ov530vid.sys
20:21:03.0467 14580 ovt530 ( UnsignedFile.Multi.Generic ) - warning
20:21:03.0467 14580 ovt530 - detected UnsignedFile.Multi.Generic (1)
20:21:05.0795 14580 Sentinel (05f03d7f2999431c53ce254da1301b31) C:\Windows\System32\Drivers\SENTINEL.SYS
20:21:05.0831 14580 Sentinel ( UnsignedFile.Multi.Generic ) - warning
20:21:05.0831 14580 Sentinel - detected UnsignedFile.Multi.Generic (1)
20:21:05.0875 14580 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:21:05.0923 14580 Serenum - ok
20:21:05.0965 14580 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:21:06.0040 14580 Serial - ok
20:21:06.0084 14580 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:21:06.0113 14580 sermouse - ok
20:21:06.0193 14580 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
20:21:06.0223 14580 sffdisk - ok
20:21:06.0237 14580 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
20:21:06.0266 14580 sffp_mmc - ok
20:21:06.0301 14580 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
20:21:06.0340 14580 sffp_sd - ok
20:21:06.0362 14580 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:21:06.0426 14580 sfloppy - ok
20:21:06.0471 14580 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
20:21:06.0489 14580 sisagp - ok
20:21:06.0516 14580 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
20:21:06.0532 14580 SiSRaid2 - ok
20:21:06.0558 14580 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
20:21:06.0592 14580 SiSRaid4 - ok
20:21:06.0627 14580 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:21:06.0665 14580 Smb - ok
20:21:06.0702 14580 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:21:06.0712 14580 spldr - ok
20:21:06.0766 14580 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:21:06.0812 14580 srv - ok
20:21:06.0913 14580 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:21:07.0021 14580 srv2 - ok
20:21:07.0039 14580 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:21:07.0055 14580 srvnet - ok
20:21:07.0088 14580 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
20:21:07.0100 14580 ssmdrv - ok
20:21:07.0167 14580 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:21:07.0182 14580 swenum - ok
20:21:07.0218 14580 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:21:07.0251 14580 Symc8xx - ok
20:21:07.0271 14580 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:21:07.0286 14580 Sym_hi - ok
20:21:07.0313 14580 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:21:07.0327 14580 Sym_u3 - ok
20:21:07.0372 14580 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
20:21:07.0386 14580 taphss - ok
20:21:07.0436 14580 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
20:21:07.0502 14580 Tcpip - ok
20:21:07.0547 14580 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
20:21:07.0609 14580 Tcpip6 - ok
20:21:07.0678 14580 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:21:07.0701 14580 tcpipreg - ok
20:21:07.0727 14580 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:21:07.0770 14580 TDPIPE - ok
20:21:07.0801 14580 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:21:07.0831 14580 TDTCP - ok
20:21:07.0865 14580 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:21:07.0899 14580 tdx - ok
20:21:07.0925 14580 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:21:07.0943 14580 TermDD - ok
20:21:07.0986 14580 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:21:08.0018 14580 tssecsrv - ok
20:21:08.0037 14580 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:21:08.0071 14580 tunmp - ok
20:21:08.0097 14580 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:21:08.0124 14580 tunnel - ok
20:21:08.0146 14580 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
20:21:08.0161 14580 uagp35 - ok
20:21:08.0205 14580 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:21:08.0232 14580 udfs - ok
20:21:08.0276 14580 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
20:21:08.0291 14580 uliagpkx - ok
20:21:08.0325 14580 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
20:21:08.0344 14580 uliahci - ok
20:21:08.0368 14580 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:21:08.0386 14580 UlSata - ok
20:21:08.0418 14580 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:21:08.0438 14580 ulsata2 - ok
20:21:08.0448 14580 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:21:08.0488 14580 umbus - ok
20:21:08.0556 14580 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
20:21:08.0587 14580 usbaudio - ok
20:21:08.0611 14580 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:21:08.0646 14580 usbccgp - ok
20:21:08.0664 14580 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:21:08.0730 14580 usbcir - ok
20:21:08.0769 14580 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:21:08.0802 14580 usbehci - ok
20:21:08.0843 14580 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:21:08.0891 14580 usbhub - ok
20:21:08.0923 14580 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
20:21:08.0955 14580 usbohci - ok
20:21:08.0987 14580 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:21:09.0024 14580 usbprint - ok
20:21:09.0058 14580 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:21:09.0087 14580 usbscan - ok
20:21:09.0117 14580 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:21:09.0150 14580 USBSTOR - ok
20:21:09.0172 14580 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:21:09.0213 14580 usbuhci - ok
20:21:09.0264 14580 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
20:21:09.0305 14580 vga - ok
20:21:09.0323 14580 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:21:09.0361 14580 VgaSave - ok
20:21:09.0395 14580 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
20:21:09.0411 14580 viaagp - ok
20:21:09.0430 14580 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
20:21:09.0461 14580 ViaC7 - ok
20:21:09.0481 14580 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
20:21:09.0496 14580 viaide - ok
20:21:09.0526 14580 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:21:09.0536 14580 volmgr - ok
20:21:09.0577 14580 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:21:09.0594 14580 volmgrx - ok
20:21:09.0631 14580 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:21:09.0645 14580 volsnap - ok
20:21:09.0682 14580 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
20:21:09.0700 14580 vsmraid - ok
20:21:09.0758 14580 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:21:09.0813 14580 WacomPen - ok
20:21:09.0836 14580 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:21:09.0863 14580 Wanarp - ok
20:21:09.0876 14580 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:21:09.0897 14580 Wanarpv6 - ok
20:21:09.0918 14580 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
20:21:09.0928 14580 Wd - ok
20:21:09.0961 14580 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:21:10.0012 14580 Wdf01000 - ok
20:21:10.0148 14580 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
20:21:10.0168 14580 winusb - ok
20:21:10.0182 14580 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:21:10.0219 14580 WmiAcpi - ok
20:21:10.0292 14580 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:21:10.0419 14580 WpdUsb - ok
20:21:10.0448 14580 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:21:10.0493 14580 ws2ifsl - ok
20:21:10.0552 14580 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
20:21:10.0591 14580 WudfPf - ok
20:21:10.0631 14580 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:21:10.0651 14580 WUDFRd - ok
20:21:10.0694 14580 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:21:10.0786 14580 \Device\Harddisk0\DR0 - ok
20:21:10.0809 14580 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
20:21:10.0862 14580 \Device\Harddisk1\DR1 - ok
20:21:10.0866 14580 Boot (0x1200) (23e2b1ae14f050890a65fbb4378e7859) \Device\Harddisk0\DR0\Partition0
20:21:10.0867 14580 \Device\Harddisk0\DR0\Partition0 - ok
20:21:10.0872 14580 Boot (0x1200) (706b89b6868885f300ca8fc5902ef18e) \Device\Harddisk1\DR1\Partition0
20:21:10.0873 14580 \Device\Harddisk1\DR1\Partition0 - ok
20:21:10.0876 14580 ============================================================
20:21:10.0876 14580 Scan finished
20:21:10.0876 14580 ============================================================
20:21:10.0893 15816 Detected object count: 5
20:21:10.0893 15816 Actual detected object count: 5
20:22:41.0901 15816 ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
20:22:41.0901 15816 ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:22:41.0904 15816 ElbyDelay ( UnsignedFile.Multi.Generic ) - skipped by user
20:22:41.0904 15816 ElbyDelay ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:22:41.0906 15816 hid1tkis ( UnsignedFile.Multi.Generic ) - skipped by user
20:22:41.0907 15816 hid1tkis ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:22:41.0909 15816 ovt530 ( UnsignedFile.Multi.Generic ) - skipped by user
20:22:41.0909 15816 ovt530 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:22:41.0911 15816 Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
20:22:41.0911 15816 Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:22:44.0224 14144 Deinitialize success


Regards
Dennis

cosinus 29.09.2011 20:49

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Raccoon 01.10.2011 13:40

Here is the result:


Combofix Logfile:
Code:

ComboFix 11-09-30.05 - Dennis Minaev 01.10.2011  14:18:58.1.4 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.3326.2284 [GMT 2:00]
ausgeführt von:: c:\users\Dennis Minaev\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\290
c:\programdata\290\{334FEC59-F483-4574-BC83-D338BCBB9C0A}.swf
c:\users\Dennis Minaev\AppData\Roaming\Local
c:\users\Dennis Minaev\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
c:\users\Dennis Minaev\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Dennis Minaev\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx.ddr
c:\users\Dennis Minaev\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Dennis Minaev\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\users\Dennis Minaev\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_592.divx
c:\windows\IsUn0407.exe
c:\windows\IsUn0419.exe
c:\windows\security\Database\tmp.edb
c:\windows\system32\comct332.ocx
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-09-01 bis 2011-10-01  ))))))))))))))))))))))))))))))
.
.
2011-10-01 12:29 . 2011-10-01 12:29        56200        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{22B95B09-F743-41EB-B8B2-00EAE0B44DA9}\offreg.dll
2011-10-01 12:27 . 2011-10-01 12:30        --------        d-----w-        c:\users\Dennis Minaev\AppData\Local\temp
2011-10-01 12:27 . 2011-10-01 12:27        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-09-30 16:23 . 2011-09-12 23:14        7269712        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{22B95B09-F743-41EB-B8B2-00EAE0B44DA9}\mpengine.dll
2011-09-29 15:49 . 2011-09-29 15:49        --------        d-----w-        C:\_OTL
2011-09-24 21:27 . 2011-09-24 21:27        --------        d-----w-        c:\program files\ESET
2011-09-23 19:01 . 2011-09-23 19:01        --------        d-----w-        c:\users\Dennis Minaev\AppData\Roaming\Malwarebytes
2011-09-23 19:00 . 2011-09-23 19:00        --------        d-----w-        c:\programdata\Malwarebytes
2011-09-23 19:00 . 2011-08-31 15:00        22216        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-09-23 19:00 . 2011-09-23 19:00        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-09-23 18:27 . 2011-09-23 18:27        --------        d-----w-        c:\program files\MAGIX
2011-09-23 18:27 . 2011-09-23 18:27        --------        d-----w-        c:\program files\Common Files\MAGIX Services
2011-09-20 16:49 . 2011-09-20 16:49        --------        d-----w-        c:\program files\CCleaner
2011-09-14 18:09 . 2011-08-10 12:14        2409784        ----a-w-        c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-23 11:04 . 2011-08-10 09:49        916480        ----a-w-        c:\windows\system32\wininet.dll
2011-07-23 11:00 . 2011-08-10 09:49        43520        ----a-w-        c:\windows\system32\licmgr10.dll
2011-07-23 10:59 . 2011-08-10 09:49        1469440        ----a-w-        c:\windows\system32\inetcpl.cpl
2011-07-23 10:59 . 2011-08-10 09:49        71680        ----a-w-        c:\windows\system32\iesetup.dll
2011-07-23 10:59 . 2011-08-10 09:49        109056        ----a-w-        c:\windows\system32\iesysprep.dll
2011-07-23 10:03 . 2011-08-10 09:49        385024        ----a-w-        c:\windows\system32\html.iec
2011-07-23 09:27 . 2011-08-10 09:49        133632        ----a-w-        c:\windows\system32\ieUnatt.exe
2011-07-23 09:25 . 2011-08-10 09:49        1638912        ----a-w-        c:\windows\system32\mshtml.tlb
2011-07-11 13:25 . 2011-08-24 16:12        2048        ----a-w-        c:\windows\system32\tzres.dll
2011-07-06 15:31 . 2011-08-10 09:50        214016        ----a-w-        c:\windows\system32\drivers\mrxsmb10.sys
2011-09-08 18:03 . 2011-08-15 16:06        134104        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Steam"="c:\program files\steam\steam.exe" [2011-08-01 1242448]
"QIP2005"="c:\program files\QIP\qip.exe" [2008-12-09 3259392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-27 6281760]
"VFD_DISPLAY"="c:\windows\sddetect.exe" [2007-04-18 225280]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-19 98304]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Skytel"="Skytel.exe" [2008-08-27 1833504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-04 281768]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-11-11 159472]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft-Indexerstellung.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-9-4 111376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 adxapie;adxapie;c:\users\DENNIS~1\AppData\Local\Temp\adxapie.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-11-11 268528]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/home?AF=18827
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Free YouTube Download - c:\users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
SafeBoot-26526809.sys
SafeBoot-77176790.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
AddRemove-Alone in the Dark - The New Nightmare - c:\windows\IsUn0407.exe
AddRemove-ArcSoft PhotoImpression - c:\windows\IsUn0407.exe
AddRemove-Final Fantasy VII - c:\windows\IsUn0407.exe
AddRemove-PC-Bibliothek - c:\windows\unin0407.exe
AddRemove-YAMAHA SoftSynthesizer S-YXG70 - c:\windows\unin0407.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien:
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.db\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="Applications\\wmplayer.exe"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="Applications\\AcroRD32.exe"
.
[HKEY_USERS\S-1-5-21-2883731651-2019705986-642209600-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:ce,67,27,c8,bf,1c,e7,6e,41,9b,ec,53,a6,43,df,90,98,ff,b2,80,0f,c7,d9,
  27,8f,b6,7c,b7,c2,3a,1a,75,46,13,f4,c6,9d,23,b5,fb,75,89,4d,9e,5d,5e,07,1b,\
"??"=hex:62,74,20,a5,e5,6d,f1,3d,40,2f,67,e0,83,23,9c,55
.
[HKEY_USERS\S-1-5-21-2883731651-2019705986-642209600-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:78,98,72,f8,9b,ea,9f,a7,ee,dc,08,c7,48,8c,b7,24,4b,cf,32,5d,46,
  03,d0,05,15,1b,50,0a,37,73,a8,ed,33,26,4b,9f,8c,d9,0e,2c,89,99,16,c3,93,ed,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&37ded5a2&0&12345678&02&00\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&37ded5a2&0&12345678&02&00\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\PHLC019\5&37ded5a2&0&UID257\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\PHLC019\5&37ded5a2&0&UID257\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(2056)
c:\program files\Hercules\WebCam Station\PhotoImpression\share\pihook.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-10-01  14:38:03 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-10-01 12:37
.
Vor Suchlauf: 20 Verzeichnis(se), 363.957.198.848 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 363.839.160.320 Bytes frei
.
- - End Of File - - D9294A95757847678A7ACC0144C753D6

--- --- ---


Regards
Dennis

cosinus 01.10.2011 21:35

OK. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't work on the second try, just skip it and run only OSAM. Please skip the online check in OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances unless instructed

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.


Raccoon 03.10.2011 13:13

OSAM:


OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:46:58 on 03.10.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 7.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"FINDFAST.CPL" - "Microsoft Corporation" - C:\Windows\system32\FINDFAST.CPL
"MLCFG32.CPL" - "Microsoft Corporation" - C:\Windows\system32\MLCFG32.CPL
"nvcpl.cpl" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.cpl
"ODBCCP32.CPL" - "Microsoft Corporation" - C:\Windows\system32\ODBCCP32.CPL
"QuickTime.cpl" - "Apple Computer, Inc." - C:\Windows\system32\QuickTime.cpl
"sxgbcpl.cpl" - "YAMAHA CORPORATION" - C:\Windows\system32\sxgbcpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"adxapie" (adxapie) - ? - C:\Users\DENNIS~1\AppData\Local\Temp\adxapie.sys  (File not found)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - C:\Windows\System32\Drivers\ElbyCDIO.sys
"ElbyDelay" (ElbyDelay) - "Elaborate Bytes" - C:\Windows\System32\Drivers\ElbyDelay.sys
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"MBAMSwissArmy" (MBAMSwissArmy) - ? - C:\Windows\system32\drivers\mbamswissarmy.sys  (File not found)
"PPdus ASPI Shell" (Afc) - ? - C:\Windows\System32\drivers\Afc.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"ugddypow" (ugddypow) - ? - C:\Users\DENNIS~1\AppData\Local\Temp\ugddypow.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{BB7DF450-F119-11CD-8465-00AA00425D90} "Microsoft Access Custom Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office\soa800.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{59850401-6664-101B-B21C-00AA004BA90B} "Microsoft Office Sammelmappen-Teiler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office\UNBIND.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvcpl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office\olkfstub.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} "qipbar" - ? -  (File not found | COM-object registry key not found)
{95289393-33EA-4F8D-B952-483415B9C955} "{95289393-33EA-4F8D-B952-483415B9C955}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -  (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Microsoft-Indexerstellung.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"QIP2005" - "The Author of QIP" - C:\Program Files\QIP\qip.exe
"Steam" - "Valve Corporation" - "c:\program files\steam\steam.exe" -silent
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"DivX Download Manager" - "DivX, LLC" - "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"LanguageShortcut" - ? - "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"NeroFilterCheck" - "Ahead Software Gmbh" - C:\Windows\system32\NeroCheck.exe
"QuickTime Task" - "Apple Computer, Inc." - "C:\Program Files\QuickTime\qttask.exe" -atboottime
"RemoteControl" - "Cyberlink Corp." - "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"VFD_DISPLAY" - ? - C:\Windows\sddetect.exe
"Zune Launcher" - "Microsoft Corporation" - "C:\Program Files\Zune\ZuneLauncher.exe"

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Canon Camera Access Library 8" (CCALib8) - "Canon Inc." - C:\Program Files\Canon\CAL\CALMAIN.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
"UPnPService" (UPnPService) - ? - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe  (File not found)
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe
"Zune Network Sharing Service" (ZuneNetworkSvc) - "Microsoft Corporation" - C:\Program Files\Zune\ZuneNss.exe
"Zune Windows Mobile Connectivity Service" (WMZuneComm) - "Microsoft Corporation" - C:\Program Files\Zune\WMZuneComm.exe
"Zune Wireless Configuration Service" (ZuneWlanCfgSvc) - "Microsoft Corporation" - C:\Program Files\Zune\ZuneWlanCfgSvc.exe

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru



aswMBR:


aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-03 13:49:06
-----------------------------
13:49:06.959 OS Version: Windows 6.0.6002 Service Pack 2
13:49:06.959 Number of processors: 4 586 0x1707
13:49:06.959 ComputerName: VISTA UserName:
13:49:09.003 Initialize success
13:50:54.857 AVAST engine defs: 11100202
13:51:42.047 The log file has been saved successfully to "C:\Users\Dennis Minaev\Desktop\aswMBR.txt"
13:53:24.829 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:53:24.829 Disk 0 Vendor: ST3500620AS SD25 Size: 476940MB BusType: 3
13:53:24.829 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-2
13:53:24.844 Disk 1 Vendor: WDC_WD5000AACS-00G8B0 05.04C05 Size: 476940MB BusType: 3
13:53:26.872 Disk 0 MBR read successfully
13:53:26.872 Disk 0 MBR scan
13:53:26.888 Disk 0 Windows VISTA default MBR code
13:53:26.904 Disk 0 scanning sectors +976752000
13:53:26.982 Disk 0 scanning C:\Windows\system32\drivers
13:53:37.870 Service scanning
13:53:39.274 Modules scanning
13:54:12.502 Disk 0 trace - called modules:
13:54:12.518 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
13:54:12.846 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d16190]
13:54:12.846 3 CLASSPNP.SYS[807b88b3] -> nt!IofCallDriver -> [0x8641a240]
13:54:12.861 5 acpi.sys[806956bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8641ab98]
13:54:13.626 AVAST engine scan C:\Windows
13:54:18.774 AVAST engine scan C:\Windows\system32
13:56:51.108 AVAST engine scan C:\Windows\system32\drivers
13:57:03.369 AVAST engine scan C:\Users\Dennis Minaev
14:05:59.682 AVAST engine scan C:\ProgramData
14:08:31.813 Scan finished successfully
14:09:02.451 Disk 0 MBR has been saved successfully to "C:\Users\Dennis Minaev\Desktop\MBR.dat"
14:09:02.451 The log file has been saved successfully to "C:\Users\Dennis Minaev\Desktop\aswMBR.txt"


I also ran a scan with GMER, but somehow I don't get a log there, even when I click the Copy button...

Regards
Dennis

cosinus 04.10.2011 15:55

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!


Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Raccoon 07.10.2011 16:52

OK, here are the three logs:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7867

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

04.10.2011 19:48:10
mbam-log-2011-10-04 (19-48-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 507120
Laufzeit: 1 Stunde(n), 38 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/06/2011 at 08:54 PM

Application Version : 5.0.1128

Core Rules Database Version : 7763
Trace Rules Database Version: 5575

Scan type : Complete Scan
Total Scan Time : 03:38:27

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 609
Memory threats detected : 0
Registry items scanned : 38646
Registry threats detected : 0
File items scanned : 293029
File threats detected : 361

Adware.Tracking Cookie
.atdmt.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.azjmp.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.trafficmp.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.exoclick.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.exoclick.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad4.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ads2.net2day.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.findwallpaper.info [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.findwallpaper.info [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.findwallpaper.info [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.media.funpic.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.media.funpic.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.media.funpic.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.content.yieldmanager.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.im.banner.t-online.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad1.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ads2.net2day.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ads2.net2day.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ads4.net2day.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ads2.net2day.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
eas.apm.emediate.eu [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.adition.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ads3.net2day.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
www.multimediaxis.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
www.multimediaxis.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.multimediaxis.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.multimediaxis.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.multimediaxis.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.ads.quartermedia.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
adserver2.clipkit.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.mediamarkt.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
studivz.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.zanox.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.unitymedia.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.traffictrack.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad3.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
media-mgmt.armorgames.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.zanox-affiliate.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
www.zanox-affiliate.de [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ww251.smartadserver.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-FakeAV
C:\PROGRAM FILES\WINRAR\DEFAULT.SFX



ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e753b80c8134234293d95fe224027244
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-24 09:30:06
# local_time=2011-09-24 11:30:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 98813 53436594 101285 0
# compatibility_mode=5892 16776573 100 100 4469 154432466 0 0
# compatibility_mode=8192 67108863 100 0 109 109 0 0
# scanned=119
# found=0
# cleaned=0
# scan_time=68
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e753b80c8134234293d95fe224027244
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-25 12:09:51
# local_time=2011-09-25 02:09:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 143705 53481486 146177 0
# compatibility_mode=5892 16776573 100 100 1062 154477358 0 0
# compatibility_mode=8192 67108863 100 0 45001 45001 0 0
# scanned=347759
# found=3
# cleaned=0
# scan_time=7961
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe a variant of Win32/1AntiVirus application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Minaev\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\2de1bacb-335aac92 Java/Agent.DO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\mmcico32.dll a variant of Win32/Spy.Agent.NTN trojan (unable to clean) 00000000000000000000000000000000 I


I had the infected files found by SUPERAntiSpyware deleted.

Regards
Dennis

cosinus 07.10.2011 16:57

Quote:

C:\Windows\System32\mmcico32.dll
Please upload it to us => http://www.trojaner-board.de/54791-a...ner-board.html

Raccoon 07.10.2011 17:29

Uploaded.

Regards
Dennis

cosinus 07.10.2011 21:34

Sorry, but you didn't upload the file C:\Windows\System32\mmcico32.dll. Just some HTML junk :balla:

Please do it now

Raccoon 07.10.2011 22:12

OK, now.

cosinus 07.10.2011 22:29

Hm, seems to be new malware. Can you delete the file?

Raccoon 08.10.2011 11:37

Well, whenever I try to delete it, I always get "Sie benötigen Berechtigungen zur Durchführung des Vorgangs" ("You need permission to perform this action").

So, no.

Regards
Dennis

cosinus 08.10.2011 17:06

Run an OTL fix: close all programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":Files" must be copied as well!!!)


Code:

:Files
C:\Windows\System32\mmcico32.dll
:Commands
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

Raccoon 09.10.2011 11:33

Deleted.

All processes killed
========== FILES ==========
C:\Windows\System32\mmcico32.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dennis Minaev
->Temp folder emptied: 54110588 bytes
->Temporary Internet Files folder emptied: 34988243 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 50259716 bytes
->Flash cache emptied: 5106 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 668958 bytes
RecycleBin emptied: 233012516 bytes

Total Files Cleaned = 356,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 10092011_122105

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Regards
Dennis

cosinus 10.10.2011 11:30

OK, it's gone. I hope that thing was just a leftover. If you want, run control scans again with MBAM/SASW/ESET

Is the computer otherwise back in order?

Raccoon 10.10.2011 16:48

Well, the computer has been tip-top again for a few days now! All the symptoms I listed are gone! After many months I can finally see images on Google again! :)

Thank you very much!! :applaus:

You really did a great job! But now I have a few questions out of curiosity, and a few organizational ones:

- So what kind of virus was it exactly?
- How could it get around my AntiVir?
- Can it do it again?
- How dangerous was this virus?

- Should I now delete all the programs I downloaded over the last few weeks, or should I keep a few? For example SUPERAntiSpyware, which seems very good to me.

- And how much effort was this for you in terms of time?? I just don't get how anyone can even understand what you did there :stirn:

Regards
Dennis

cosinus 10.10.2011 17:25

Quote:

- So what kind of virus was it exactly?
You didn't have 'the' or 'a' virus on there, but various kinds of malware and unwanted files.

Quote:

- How could it get around my AntiVir?
These things don't directly 'get around' the virus scanner; the virus scanner is not perfect software and simply didn't detect it, because malware is in principle always one step ahead, at least with signature-based detection.
Fundamentally, there is no guarantee that a virus scanner will detect the malware. The vendors tout their virus scanners as flawless all-rounders, but like to keep quiet about the fact that they can never detect all malware.
So even with a virus scanner in the background you may ignore all rules & precautions along the lines of "I've got a scanner, it'll protect me" - that is dangerous recklessness!


Then we're done! :abklatsch:

The programs that were used here can all be removed again. CF can be removed via Start, Run with combofix /uninstall. Let me know if that produces any error messages.
Keeping Malwarebytes is not a mistake. You can scan with it once a month, but always remember to update first.

Finally, please check the updates; my guide for that is below. To keep better track of how up to date your installed programs are in future, you can use e.g. Secunia PSI.
For even more security, you should also change as many passwords as possible after the infection has been removed.


Microsoft Update

Windows XP: Visit the MS update page with IE and have all important updates installed.

Windows Vista/7: Windows Update instructions


Update the PDF reader
An outdated AdobeReader poses a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Add or Remove Programs or Programs and Features by clicking "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you're at it, please also check that the Flash Player is up to date; here is the direct download link:

Mozilla and other browsers => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

Raccoon 10.10.2011 17:36

Will do!
Thanks again! ;)

Regards
Dennis



Copyright ©2000-2025, Trojaner-Board

