
Pests of all kinds and how to combat them: "Google Redirect Virus" - How do I remove it again?


22.09.2011, 21:33   #1
Raccoon

Hello everyone,

I'm new here and I'm not quite sure whether opening this thread here is the right thing to do... (All the many colourful rules and tips have completely confused me... So after 20 minutes of reading I thought I'd just risk it!^^).

So, on to my problem, which has also been raised here quite often. About a week ago something happened to my Google. Here are the symptoms:

- All pages (e.g. bookmarks too) work perfectly
- Google still opens as well, BUT:
- Pages opened from Google now take longer (approx. 20 sec - they used to open immediately!)
- Sometimes the pages don't open at all (nothing loads any more either)
- Often, after entering the search term and then clicking on that page, I am redirected to a completely different one (a great many different ones!)
- Images are now generally no longer displayed on Google
- On rare occasions I can see the images after all (really very rarely)
- And sometimes I also have the feeling that other pages may in fact load a bit more slowly too (e.g. YouTube videos). But that may just be my imagination...
- When I run AntiVir, it finds no viruses
- All these symptoms also show up in IE (I use Firefox, by the way)

I have also already phoned Telekom and they checked my connection - everything is fine. So it's not down to the internet connection or the browser...

Can you please help me? What should I do? Run one of those "OTL" scans as well??

Asking for your experienced help

Regards
Raccoon (Dennis)

22.09.2011, 21:35   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those too!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


25.09.2011, 13:35   #3
Raccoon



So, here is the full scan from Malwarebytes:


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7782

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19120

23.09.2011 23:02:58
mbam-log-2011-09-23 (23-02-58).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 510972
Laufzeit: 1 Stunde(n), 45 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3C2D2A1E-031F-4397-9614-87C932A848E0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04A38F6B-006F-4247-BA4C-02A139D5531C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX (Adware.Minibug) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\REAL\WEATHERBUG\MINIBUGTRANSPORTER.DLL (Adware.Minibug) -> Value: MINIBUGTRANSPORTER.DLL -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files\common files\Real\weatherbug\minibugtransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.


And here is the one from ESET:


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e753b80c8134234293d95fe224027244
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-24 09:30:06
# local_time=2011-09-24 11:30:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 98813 53436594 101285 0
# compatibility_mode=5892 16776573 100 100 4469 154432466 0 0
# compatibility_mode=8192 67108863 100 0 109 109 0 0
# scanned=119
# found=0
# cleaned=0
# scan_time=68
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e753b80c8134234293d95fe224027244
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-25 12:09:51
# local_time=2011-09-25 02:09:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 94 143705 53481486 146177 0
# compatibility_mode=5892 16776573 100 100 1062 154477358 0 0
# compatibility_mode=8192 67108863 100 0 45001 45001 0 0
# scanned=347759
# found=3
# cleaned=0
# scan_time=7961
C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe a variant of Win32/1AntiVirus application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Dennis Minaev\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\2de1bacb-335aac92 Java/Agent.DO trojan (unable to clean) 00000000000000000000000000000000 I
C:\Windows\System32\mmcico32.dll a variant of Win32/Spy.Agent.NTN trojan (unable to clean) 00000000000000000000000000000000 I


Regards
Dennis

26.09.2011, 10:58   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and "Run as administrator"
  • Now copy the complete contents of the code box below into the text box of OTL - if OTL is in German it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread
__________________
Please always post log files in CODE tags

26.09.2011, 17:58   #5
Raccoon



Here is the OTL log:
OTL Logfile:
Code:
OTL logfile created on: 26.09.2011 18:39:42 - Run 2
OTL by OldTimer - Version 3.2.29.1     Folder = C:\Users\Dennis Minaev\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 64,78% Memory free
6,71 Gb Paging File | 5,42 Gb Available in Paging File | 80,76% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 350,33 Gb Free Space | 75,22% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 22,48 Gb Free Space | 4,83% Space Free | Partition Type: NTFS
 
Computer Name: VISTA | User Name: Dennis Minaev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Dennis Minaev\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Iminent\IMBooster\IMBooster.exe (Iminent)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\QIP\qip.exe (The Author of QIP)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\SDDetect.exe ()
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files\Steam\bin\avutil-50.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\5534465ace7f8b214a31a34f56280602\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll ()
MOD - C:\Program Files\Iminent\IMBooster\de\Iminent.Booster.UI.resources.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Windows.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Workflow.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Services.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Business.TinyUrl.dll ()
MOD - C:\Program Files\Iminent\IMBooster\Iminent.Booster.UI.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll ()
MOD - C:\Program Files\Winamp\winampa.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\Windows\Microp.dll ()
MOD - C:\Windows\SDDetect.exe ()
MOD - C:\Program Files\QIP\Plugins\docking.dll ()
MOD - C:\Windows\VFDAPI.dll ()
MOD - C:\Program Files\Hercules\WebCam Station\PhotoImpression\share\pihook.dll ()
MOD - C:\Program Files\Microsoft Office\Office\MSO97.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (UPnPService) --  File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (ovt530) -- C:\Windows\System32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes)
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.iminent.com/?appId=6138b270-6754-4d97-8530-48d2aee93634&ref=homepage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,en-US;q=0.7,ru-RU;q=0.3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 07 A9 EB 5B CB C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"
FF - prefs.js..browser.search.defaultthis.engineName: "Hotspot Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.5
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2303: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2361: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1465: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.08 20:03:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.23 18:16:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\web@veoh.com: C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2009.10.14 21:43:38 | 000,000,000 | ---D | M]
 
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Extensions
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions
[2011.03.03 19:24:53 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.03.03 19:24:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.08 16:52:24 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.01 13:33:33 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011.08.01 13:33:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.15 17:26:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.13 12:39:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.15 17:26:49 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2011.06.07 20:12:27 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2009.05.16 18:25:14 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011.05.26 21:51:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com
[2011.08.18 15:55:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com
[2009.11.04 21:54:25 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\moveplayer@movenetworks.com
[2010.01.27 14:09:59 | 000,002,171 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml
[2011.03.21 16:46:44 | 000,000,931 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml
[2011.09.22 16:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml
[2009.08.04 20:19:46 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml
[2009.09.15 20:28:57 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml
[2009.11.01 15:56:31 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml
[2009.12.19 15:14:24 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml
[2010.01.10 17:15:12 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml
[2010.01.31 21:54:09 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml
[2010.03.21 12:15:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml
[2010.03.24 17:38:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml
[2010.03.29 22:46:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml
[2010.06.27 13:07:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml
[2008.12.19 18:42:00 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml
[2010.07.03 21:18:26 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml
[2010.07.22 21:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml
[2010.07.25 15:15:53 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml
[2010.08.08 16:58:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml
[2010.10.06 19:47:08 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml
[2011.01.06 18:36:51 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml
[2011.02.07 15:05:30 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml
[2011.03.02 15:22:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml
[2011.03.03 19:25:41 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml
[2011.03.07 14:35:07 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml
[2009.02.04 21:19:55 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml
[2011.03.22 20:51:11 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml
[2011.05.05 21:16:44 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml
[2011.05.05 22:18:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml
[2011.07.04 19:48:19 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml
[2011.08.15 18:06:46 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml
[2011.09.04 19:39:39 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml
[2011.09.08 20:03:23 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml
[2009.03.06 17:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml
[2009.03.29 15:00:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml
[2009.04.25 12:56:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml
[2009.04.28 16:07:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml
[2009.06.14 18:17:50 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml
[2009.07.22 12:24:54 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml
[2011.08.18 21:40:40 | 000,000,168 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.gif
[2011.08.18 21:40:40 | 000,000,618 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.src
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml
[2010.08.08 21:19:54 | 000,002,062 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml
[2011.09.19 17:19:43 | 000,002,230 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\SearchTheWeb.xml
[2009.05.18 16:26:49 | 000,001,196 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml
[2011.08.15 18:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.11.07 16:27:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.03 22:48:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.06 18:22:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.22 19:17:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.06.07 20:12:15 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files\mozilla firefox\extensions\webbooster@iminent.com
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2011.09.08 20:03:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.04 19:39:27 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.05 21:53:04 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.09.04 19:39:27 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.04 19:39:27 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.04 19:39:27 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.10 02:21:02 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2011.09.04 19:39:27 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.04 19:39:27 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.224\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: VeohTV Plugin (Enabled) = C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
CHR - plugin: Veoh Web Player Beta (Enabled) = C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Users\Dennis Minaev\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Dennis Minaev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found.
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe (Iminent)
O4 - HKLM..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe (Iminent)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VFD_DISPLAY] C:\Windows\SDDetect.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus DX5000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\RunOnce: [.IMinentUpdate] C:\Users\DENNIS~1\AppData\Local\Temp\NotifierSetup.exe File not found
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C8D4F44-9D7E-4DA8-B2D6-415707E73AFD}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\Windows\System32\KMVIDC32.DLL ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.26 17:13:02 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011.09.24 23:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.09.24 23:26:35 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.24 22:36:38 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Desktop\Subway to Sally
[2011.09.24 22:36:19 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Desktop\Rock
[2011.09.23 23:15:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.09.23 21:01:02 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2011.09.23 21:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.23 21:00:53 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.09.23 21:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.09.23 21:00:15 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.23 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Documents\MAGIX_MusicEditor
[2011.09.23 20:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2011.09.23 20:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2011.09.20 22:16:35 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.26 17:54:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.26 17:44:08 | 000,643,810 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.26 17:44:08 | 000,608,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.26 17:44:08 | 000,133,548 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.26 17:44:08 | 000,109,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.26 17:13:08 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.09.26 17:13:08 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.09.26 17:13:00 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.26 17:13:00 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.26 17:13:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.26 17:12:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.25 20:37:05 | 000,195,072 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.24 23:26:37 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.23 21:00:57 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.23 21:00:23 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.21 17:15:28 | 000,519,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 22:16:37 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:26 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.17 23:55:42 | 000,001,356 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2011.09.10 19:51:41 | 000,001,197 | ---- | M] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.23 21:00:57 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.21 17:15:01 | 000,519,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 18:49:26 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.10 19:51:41 | 000,001,197 | ---- | C] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.03.20 14:51:49 | 000,028,672 | ---- | C] () -- C:\Windows\System32\mmcico32.dll
[2011.02.10 19:40:44 | 000,606,208 | ---- | C] () -- C:\Windows\System32\pngd3l32.dll
[2010.11.22 21:58:25 | 000,036,352 | ---- | C] () -- C:\Windows\System32\sxgunins.dll
[2010.11.22 21:58:22 | 000,028,672 | ---- | C] () -- C:\Windows\Oiduts.dll
[2010.11.22 21:58:22 | 000,000,227 | ---- | C] () -- C:\Windows\sxg07.ini
[2010.05.10 19:14:34 | 000,044,953 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.04.18 19:49:50 | 000,000,116 | ---- | C] () -- C:\Windows\System32\applet.ini
[2010.03.13 12:34:47 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010.01.06 22:12:07 | 000,000,101 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\fusioncache.dat
[2009.12.12 01:24:51 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.11 21:43:14 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.12 12:08:31 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
[2009.08.08 01:24:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.08 01:24:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.03 18:58:01 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.06.03 18:58:00 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.06.03 18:58:00 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.06.03 18:43:06 | 000,036,105 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2009.05.12 19:01:21 | 000,000,179 | ---- | C] () -- C:\Windows\dievölkergold.ini
[2009.04.18 13:50:18 | 000,001,013 | ---- | C] () -- C:\Windows\eReg.dat
[2008.11.28 14:53:34 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.11.27 11:54:59 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.11.27 00:58:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.26 23:36:16 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008.11.26 23:36:16 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008.11.26 23:36:16 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008.11.26 23:36:16 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008.11.26 23:36:16 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008.11.26 23:36:16 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008.11.26 23:36:16 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008.11.26 23:36:16 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008.11.26 23:36:16 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008.11.26 23:36:16 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008.11.26 23:36:16 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008.11.26 23:36:16 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008.11.26 23:36:16 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008.11.26 23:36:16 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008.11.26 23:36:16 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.11.26 23:34:02 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX5000EFDG.ini
[2008.11.24 20:06:33 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.11.24 18:27:30 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.11.24 18:27:30 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.11.24 18:27:30 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.11.24 18:27:30 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.11.24 18:27:30 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.11.24 18:27:30 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.11.20 23:11:03 | 000,064,512 | ---- | C] () -- C:\Windows\System32\drivers\SENTINEL.SYS
[2008.11.20 23:11:03 | 000,038,400 | ---- | C] () -- C:\Windows\System32\SNTI386.DLL
[2008.11.20 23:11:03 | 000,016,896 | ---- | C] () -- C:\Windows\System32\RNBOVDD.DLL
[2008.11.20 23:11:02 | 000,000,000 | ---- | C] () -- C:\Windows\MTSTACK.INI
[2008.11.20 22:00:19 | 000,024,227 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Roaming\UserTile.png
[2008.11.20 21:39:26 | 000,000,634 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.11.20 21:39:25 | 000,001,111 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.11.20 03:07:10 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.11.20 00:26:31 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.11.20 00:26:30 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.11.19 23:47:26 | 000,000,060 | ---- | C] () -- C:\Windows\REGKEYCR.INI
[2008.11.19 22:35:05 | 000,001,444 | ---- | C] () -- C:\Windows\photoimpression.ini
[2008.11.19 22:34:37 | 000,000,021 | ---- | C] () -- C:\Windows\PI_setup.ini
[2008.11.19 09:07:25 | 000,643,810 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.11.19 09:07:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.11.19 09:07:25 | 000,133,548 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.11.19 09:07:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.11.19 00:51:51 | 000,770,048 | ---- | C] () -- C:\Windows\Microp.dll
[2008.11.19 00:51:51 | 000,225,280 | ---- | C] () -- C:\Windows\SDDetect.exe
[2008.11.19 00:51:51 | 000,131,072 | ---- | C] () -- C:\Windows\VFDAPI.dll
[2008.11.19 00:51:51 | 000,045,056 | ---- | C] () -- C:\Windows\RcKey.dll
[2008.11.19 00:41:54 | 000,004,984 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.11.19 00:28:15 | 000,195,072 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.19 00:19:23 | 000,001,356 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2007.08.16 16:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,608,708 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,109,842 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.12.21 17:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll
[2005.12.21 17:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[1997.09.04 01:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\VADE232.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[1997.09.04 00:00:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\WRKGADM.EXE
[1997.09.04 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997.09.04 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997.09.04 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DLL
 
========== LOP Check ==========
 
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2011.09.02 17:54:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
[2011.09.25 22:58:34 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.01.24 13:37:36 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Adobe
[2008.12.13 16:47:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Ahead
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2008.11.20 02:13:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ArcSoft
[2010.10.18 17:35:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Avira
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2009.08.12 11:05:39 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CorelHomeOffice
[2008.11.22 20:14:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CyberLink
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2010.11.14 18:11:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DivX
[2010.07.24 00:35:23 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\dvdcss
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2008.11.20 03:10:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Google
[2011.08.09 16:13:56 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Hamachi
[2011.09.02 17:54:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Identities
[2008.11.26 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InstallShield
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2008.11.20 03:10:48 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Macromedia
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2011.09.23 21:01:02 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Media Center Programs
[2011.06.07 20:12:20 | 000,000,000 | --SD | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2008.11.20 03:07:10 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Real
[2009.08.08 03:56:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Roxio
[2009.01.10 13:08:31 | 000,000,000 | RH-D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\SecuROM
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2011.09.03 16:24:13 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\vlc
[2011.09.25 19:10:46 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Winamp
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.10.24 15:53:42 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\WinRAR
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
 
< %APPDATA%\*.exe /s >
[2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\shellExecute.exe
[2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\sleep.exe
[2010.03.05 17:49:50 | 000,197,632 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\TbHelper2.exe
[2010.03.12 18:45:00 | 000,042,496 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\uninstall.exe
[2010.03.12 18:45:00 | 000,056,832 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\update.exe
[2010.03.19 13:04:44 | 000,152,664 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\drivers\ahcix86s.sys
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_71554ba4\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\drivers\nvstor32.sys
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_04bc6797\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >

< End of report >
         


Regards
Dennis


26.09.2011, 19:46   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Why are you cluttering your system with useless toolbars?
Via the Control Panel, under Add or Remove Programs or Programs and Features, uninstall everything that shows "Toolbar" in its name. For future program installations, always choose the custom installation method so that you can deselect any toolbars during setup.
While you are at it, also uninstall all other unnecessary programs via the Control Panel.

Afterwards, create a new OTL custom log.

27.09.2011, 18:30   #7
Raccoon
 


OK.

OTL Logfile:
Code:
OTL logfile created on: 27.09.2011 19:11:42 - Run 3
OTL by OldTimer - Version 3.2.29.1     Folder = C:\Users\Dennis Minaev\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 62,16% Memory free
6,71 Gb Paging File | 5,35 Gb Available in Paging File | 79,62% Paging File free
Paging file location(s): ?:\pagefile.sys
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 346,17 Gb Free Space | 74,33% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 22,48 Gb Free Space | 4,83% Space Free | Partition Type: NTFS
 
Computer Name: VISTA | User Name: Dennis Minaev | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\Dennis Minaev\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Winamp\winampa.exe ()
PRC - C:\Program Files\QIP\qip.exe (The Author of QIP)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\SDDetect.exe ()
PRC - C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files\Steam\bin\avutil-50.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\Winamp\winampa.exe ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Windows\Microp.dll ()
MOD - C:\Windows\SDDetect.exe ()
MOD - C:\Program Files\QIP\Plugins\docking.dll ()
MOD - C:\Windows\VFDAPI.dll ()
MOD - C:\Program Files\Hercules\WebCam Station\PhotoImpression\Share\PIHook.dll ()
MOD - C:\Program Files\Microsoft Office\Office\MSO97.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (UPnPService) --  File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (RxFilter) -- C:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions)
DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (ovt530) -- C:\Windows\System32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes)
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=18827
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,en-US;q=0.7,ru-RU;q=0.3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 07 A9 EB 5B CB C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Hotspot Shield Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.5
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.20 16:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.08 20:03:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.23 18:16:51 | 000,000,000 | ---D | M]
 
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Extensions
[2011.09.26 22:22:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions
[2011.03.03 19:24:53 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.03.03 19:24:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.08 16:52:24 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.01 13:33:33 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011.08.01 13:33:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.15 17:26:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.13 12:39:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.15 17:26:49 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2011.06.07 20:12:27 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.05.26 21:51:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com
[2011.08.18 15:55:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com
[2009.11.04 21:54:25 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\moveplayer@movenetworks.com
[2010.01.27 14:09:59 | 000,002,171 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml
[2011.03.21 16:46:44 | 000,000,931 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml
[2011.09.22 16:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml
[2009.08.04 20:19:46 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml
[2009.09.15 20:28:57 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml
[2009.11.01 15:56:31 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml
[2009.12.19 15:14:24 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml
[2010.01.10 17:15:12 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml
[2010.01.31 21:54:09 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml
[2010.03.21 12:15:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml
[2010.03.24 17:38:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml
[2010.03.29 22:46:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml
[2010.06.27 13:07:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml
[2008.12.19 18:42:00 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml
[2010.07.03 21:18:26 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml
[2010.07.22 21:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml
[2010.07.25 15:15:53 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml
[2010.08.08 16:58:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml
[2010.10.06 19:47:08 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml
[2011.01.06 18:36:51 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml
[2011.02.07 15:05:30 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml
[2011.03.02 15:22:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml
[2011.03.03 19:25:41 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml
[2011.03.07 14:35:07 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml
[2009.02.04 21:19:55 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml
[2011.03.22 20:51:11 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml
[2011.05.05 21:16:44 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml
[2011.05.05 22:18:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml
[2011.07.04 19:48:19 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml
[2011.08.15 18:06:46 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml
[2011.09.04 19:39:39 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml
[2011.09.08 20:03:23 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml
[2011.09.27 17:35:47 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-37.xml
[2009.03.06 17:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml
[2009.03.29 15:00:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml
[2009.04.25 12:56:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml
[2009.04.28 16:07:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml
[2009.06.14 18:17:50 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml
[2009.07.22 12:24:54 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml
[2010.08.08 21:19:54 | 000,002,062 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml
[2009.05.18 16:26:49 | 000,001,196 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml
[2011.09.27 17:35:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.11.07 16:27:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.03 22:48:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.06 18:22:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.22 19:17:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\DENNIS MINAEV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5TPJS8DC.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2011.09.08 20:03:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.04 19:39:27 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.05 21:53:04 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.09.04 19:39:27 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.04 19:39:27 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.04 19:39:27 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.04 19:39:27 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.04 19:39:27 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C3CD744D-2FAE-4640-8297-16B5DA423104} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VFD_DISPLAY] C:\Windows\SDDetect.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus DX5000 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [QIP2005] C:\Program Files\QIP\qip.exe (The Author of QIP)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C8D4F44-9D7E-4DA8-B2D6-415707E73AFD}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL ()
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.dll (Intel Corporation)
Drivers32: VIDC.MKVC - C:\Windows\System32\KMVIDC32.DLL ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.27 19:04:50 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2011.09.24 23:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.09.24 23:26:35 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.24 22:36:38 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Desktop\Subway to Sally
[2011.09.23 21:01:02 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2011.09.23 21:00:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.23 21:00:53 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.09.23 21:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.09.23 21:00:15 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.23 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Dennis Minaev\Documents\MAGIX_MusicEditor
[2011.09.23 20:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2011.09.23 20:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2011.09.20 22:16:35 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.27 19:04:56 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.09.27 19:04:55 | 000,035,655 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.09.27 19:04:47 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.27 19:04:46 | 000,005,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.27 19:04:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.27 19:04:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.27 18:54:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.26 22:30:52 | 000,000,097 | ---- | M] () -- C:\Windows\System32\WININIT.INI
[2011.09.26 22:30:51 | 000,000,000 | ---- | M] () -- C:\Windows\7thlevel.ini
[2011.09.26 19:16:31 | 000,195,584 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.26 17:44:08 | 000,643,810 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.26 17:44:08 | 000,608,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.26 17:44:08 | 000,133,548 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.26 17:44:08 | 000,109,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.24 23:26:37 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Dennis Minaev\Desktop\esetsmartinstaller_enu.exe
[2011.09.23 21:00:57 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.23 21:00:23 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Dennis Minaev\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.21 17:15:28 | 000,519,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 22:16:37 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis Minaev\Desktop\OTL.exe
[2011.09.20 18:49:26 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.17 23:55:42 | 000,001,356 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2011.09.10 19:51:41 | 000,001,197 | ---- | M] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.26 22:30:52 | 000,000,097 | ---- | C] () -- C:\Windows\System32\WININIT.INI
[2011.09.26 22:30:51 | 000,000,000 | ---- | C] () -- C:\Windows\7thlevel.ini
[2011.09.23 21:00:57 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.21 17:15:01 | 000,519,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.20 18:49:26 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.09.10 19:51:41 | 000,001,197 | ---- | C] () -- C:\Users\Dennis Minaev\Desktop\YouTube Converter.lnk
[2011.03.20 14:51:49 | 000,028,672 | ---- | C] () -- C:\Windows\System32\mmcico32.dll
[2011.02.10 19:40:44 | 000,606,208 | ---- | C] () -- C:\Windows\System32\pngd3l32.dll
[2010.11.22 21:58:25 | 000,036,352 | ---- | C] () -- C:\Windows\System32\sxgunins.dll
[2010.11.22 21:58:22 | 000,028,672 | ---- | C] () -- C:\Windows\Oiduts.dll
[2010.11.22 21:58:22 | 000,000,227 | ---- | C] () -- C:\Windows\sxg07.ini
[2010.05.10 19:14:34 | 000,044,953 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.03.13 12:34:47 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010.01.06 22:12:07 | 000,000,101 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\fusioncache.dat
[2009.12.12 01:24:51 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.11 21:43:14 | 000,035,655 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.08.12 12:08:31 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
[2009.08.08 01:24:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.08 01:24:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.03 18:58:01 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.06.03 18:58:00 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.06.03 18:58:00 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.06.03 18:43:06 | 000,036,105 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2009.05.12 19:01:21 | 000,000,179 | ---- | C] () -- C:\Windows\dievölkergold.ini
[2009.04.18 13:50:18 | 000,001,013 | ---- | C] () -- C:\Windows\eReg.dat
[2008.11.28 14:53:34 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008.11.27 11:54:59 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.11.27 00:58:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.11.26 23:36:16 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008.11.26 23:36:16 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008.11.26 23:36:16 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008.11.26 23:36:16 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008.11.26 23:36:16 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008.11.26 23:36:16 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008.11.26 23:36:16 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008.11.26 23:36:16 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008.11.26 23:36:16 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008.11.26 23:36:16 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008.11.26 23:36:16 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008.11.26 23:36:16 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008.11.26 23:36:16 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008.11.26 23:36:16 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008.11.26 23:36:16 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008.11.26 23:36:16 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008.11.26 23:36:16 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.11.26 23:34:02 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX5000EFDG.ini
[2008.11.24 20:06:33 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2008.11.20 23:11:03 | 000,064,512 | ---- | C] () -- C:\Windows\System32\drivers\SENTINEL.SYS
[2008.11.20 23:11:03 | 000,038,400 | ---- | C] () -- C:\Windows\System32\SNTI386.DLL
[2008.11.20 23:11:03 | 000,016,896 | ---- | C] () -- C:\Windows\System32\RNBOVDD.DLL
[2008.11.20 23:11:02 | 000,000,000 | ---- | C] () -- C:\Windows\MTSTACK.INI
[2008.11.20 22:00:19 | 000,024,227 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Roaming\UserTile.png
[2008.11.20 21:39:26 | 000,000,634 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.11.20 21:39:25 | 000,001,111 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.11.20 03:07:10 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008.11.20 00:26:31 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.11.20 00:26:30 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.11.19 23:47:26 | 000,000,060 | ---- | C] () -- C:\Windows\REGKEYCR.INI
[2008.11.19 22:35:05 | 000,001,444 | ---- | C] () -- C:\Windows\photoimpression.ini
[2008.11.19 22:34:37 | 000,000,021 | ---- | C] () -- C:\Windows\PI_setup.ini
[2008.11.19 09:07:25 | 000,643,810 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.11.19 09:07:25 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.11.19 09:07:25 | 000,133,548 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.11.19 09:07:25 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.11.19 00:51:51 | 000,770,048 | ---- | C] () -- C:\Windows\Microp.dll
[2008.11.19 00:51:51 | 000,225,280 | ---- | C] () -- C:\Windows\SDDetect.exe
[2008.11.19 00:51:51 | 000,131,072 | ---- | C] () -- C:\Windows\VFDAPI.dll
[2008.11.19 00:51:51 | 000,045,056 | ---- | C] () -- C:\Windows\RcKey.dll
[2008.11.19 00:41:54 | 000,004,984 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.11.19 00:28:15 | 000,195,584 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.19 00:19:23 | 000,001,356 | ---- | C] () -- C:\Users\Dennis Minaev\AppData\Local\d3d9caps.dat
[2007.08.16 16:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,608,708 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,109,842 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.12.21 17:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll
[2005.12.21 17:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll
[2005.07.15 20:35:56 | 000,831,488 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005.07.15 20:35:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[1997.11.17 18:13:16 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[1997.09.04 01:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\VADE232.DLL
[1997.09.04 01:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[1997.09.04 00:00:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\WRKGADM.EXE
[1997.09.04 00:00:00 | 000,031,232 | ---- | C] () -- C:\Windows\System32\XLREC.DLL
[1997.09.04 00:00:00 | 000,025,600 | ---- | C] () -- C:\Windows\System32\RECNCL.DLL
[1997.09.04 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DLL
 
========== LOP Check ==========
 
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2011.09.26 22:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
[2011.09.27 19:04:44 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.01.24 13:37:36 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Adobe
[2008.12.13 16:47:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Ahead
[2010.05.14 19:03:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\AltrixSoft
[2008.11.20 02:13:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ArcSoft
[2010.10.18 17:35:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Avira
[2010.05.14 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CheeseSoft
[2008.11.20 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CoreCodec
[2009.08.12 11:05:39 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CorelHomeOffice
[2008.11.22 20:14:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\CyberLink
[2008.11.19 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DisplayTune
[2010.11.14 18:11:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DivX
[2010.07.24 00:35:23 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\dvdcss
[2011.09.10 19:52:07 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoft
[2011.08.10 11:47:43 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.24 15:44:16 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\EPSON
[2011.05.22 17:27:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\GetRightToGo
[2008.11.20 03:10:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Google
[2011.08.09 16:13:56 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Hamachi
[2011.09.26 22:22:30 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\ICQ
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Identities
[2008.11.26 23:36:15 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InstallShield
[2008.11.20 02:09:17 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterTrust
[2008.11.24 18:31:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\InterVideo
[2009.08.16 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Leadertech
[2010.12.20 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Local
[2008.11.20 03:10:48 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Macromedia
[2011.09.23 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX
[2008.11.20 00:36:22 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch
[2011.09.23 21:01:02 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Media Center Programs
[2011.09.27 17:35:45 | 000,000,000 | --SD | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Microsoft
[2008.11.27 12:10:04 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla
[2008.11.20 22:00:19 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\PeerNetworking
[2008.12.11 23:10:20 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\QIP
[2011.09.26 22:32:24 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Real
[2009.08.08 03:56:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Roxio
[2009.01.10 13:08:31 | 000,000,000 | RH-D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\SecuROM
[2008.11.20 01:51:38 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Serif
[2010.05.10 17:33:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Tific
[2011.09.26 22:14:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Winamp
[2010.01.19 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Windows Live Writer
[2009.10.24 15:53:42 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\WinRAR
[2009.12.18 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Dennis Minaev\AppData\Roaming\Zylom
 
< %APPDATA%\*.exe /s >
[2007.01.01 18:01:25 | 000,009,728 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localVista.exe
[2007.01.08 10:34:46 | 000,006,656 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\localXP.exe
[2006.12.21 13:16:20 | 000,021,504 | ---- | M] (Optimum X) -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\shellExecute.exe
[2006.12.21 13:16:15 | 000,009,216 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\MAGIX Fotobuch\xtras\sleep.exe
[2010.03.05 17:49:50 | 000,197,632 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\TbHelper2.exe
[2010.03.12 18:45:00 | 000,042,496 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\uninstall.exe
[2010.03.12 18:45:00 | 000,056,832 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6\update.exe
[2010.03.19 13:04:44 | 000,152,664 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components\setup_widget_serv.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\drivers\ahcix86s.sys
[2007.12.19 19:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) MD5=0DEE2B628D4C6E23285BB91EFFDABFDE -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_71554ba4\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.04.23 12:43:22 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\drivers\nvstor32.sys
[2007.10.31 12:23:00 | 000,115,744 | ---- | M] (NVIDIA Corporation) MD5=9D2BD672C0461185D6EA1AE8BD3AE3F4 -- C:\Windows\System32\DriverStore\FileRepository\nvrd32.inf_04bc6797\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
<           >

< End of report >
         
--- --- ---

Regards,
Dennis

27.09.2011, 19:34   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
:OTL
[2010.08.08 16:52:24 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2011.08.01 13:33:33 | 000,000,000 | ---D | M] (Softonic-Eng7 Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2011.08.01 13:33:35 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.08.19 17:27:35 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.15 17:26:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.13 12:39:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.15 17:26:49 | 000,000,000 | ---D | M] (Hotspot Shield Community Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[2011.06.07 20:12:27 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.05.26 21:51:38 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com
[2011.08.18 15:55:26 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com
[2010.01.27 14:09:59 | 000,002,171 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml
[2011.03.21 16:46:44 | 000,000,931 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml
[2011.09.22 16:15:12 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml
[2009.08.04 20:19:46 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml
[2009.09.15 20:28:57 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml
[2009.11.01 15:56:31 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml
[2009.12.19 15:14:24 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml
[2010.01.10 17:15:12 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml
[2010.01.31 21:54:09 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml
[2010.03.21 12:15:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml
[2010.03.24 17:38:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml
[2010.03.29 22:46:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml
[2010.06.27 13:07:42 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml
[2008.12.19 18:42:00 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml
[2010.07.03 21:18:26 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml
[2010.07.22 21:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml
[2010.07.25 15:15:53 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml
[2010.08.08 16:58:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml
[2010.10.06 19:47:08 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml
[2011.01.06 18:36:51 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml
[2011.02.07 15:05:30 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml
[2011.03.02 15:22:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml
[2011.03.03 19:25:41 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml
[2011.03.07 14:35:07 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml
[2009.02.04 21:19:55 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml
[2011.03.22 20:51:11 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml
[2011.05.05 21:16:44 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml
[2011.05.05 22:18:13 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml
[2011.07.04 19:48:19 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml
[2011.08.15 18:06:46 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml
[2011.09.04 19:39:39 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml
[2011.09.08 20:03:23 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml
[2011.09.27 17:35:47 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-37.xml
[2009.03.06 17:29:43 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml
[2009.03.29 15:00:03 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml
[2009.04.25 12:56:57 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml
[2009.04.28 16:07:05 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml
[2009.06.14 18:17:50 | 000,000,950 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml
[2009.07.22 12:24:54 | 000,000,961 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml
[2010.08.08 21:19:54 | 000,002,062 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml
[2009.05.18 16:26:49 | 000,001,196 | ---- | M] () -- C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml
[2011.05.05 21:53:04 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O2 - BHO: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found.
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C3CD744D-2FAE-4640-8297-16B5DA423104} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
:Commands
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a safety measure, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".
__________________
Please always post log files in CODE tags

29.09.2011, 17:21   #9
Raccoon

Here is the result:


All processes killed
========== OTL ==========
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\modules folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\modules folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content\id_imbooster4web_v6 folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content\imgs\mnRadio folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\mozilla\Firefox\Profiles\5tpjs8dc.default\extensions\ffxtlbr@babylon.com folder moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\bing.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\conduit.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-33.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-34.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-35.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-36.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-37.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\qip-search.xml moved successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Mozilla\Firefox\Profiles\5tpjs8dc.default\searchplugins\winamp-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Users\Dennis Minaev\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C3CD744D-2FAE-4640-8297-16B5DA423104} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3CD744D-2FAE-4640-8297-16B5DA423104}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
C:\Program Files\Winamp\winampa.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dennis Minaev
->Temp folder emptied: 114912410 bytes
->Temporary Internet Files folder emptied: 2840323 bytes
->Java cache emptied: 40187140 bytes
->FireFox cache emptied: 63974922 bytes
->Flash cache emptied: 8026 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 825375 bytes
RecycleBin emptied: 20419 bytes

Total Files Cleaned = 212,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.29.1 log created on 09292011_181511

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Regards,
Dennis

29.09.2011, 18:56   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.




If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save this file to your desktop.
Start the tool and all files and folders should be visible again. (This might take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________
Please always post log files in CODE tags

29.09.2011, 19:26   #11
Raccoon

Hi,
just to make sure I don't do anything wrong here: for the findings (four in total), should I press "Skip" or "Delete"?? And then go on with "Continue".

Regards,
Dennis

29.09.2011, 19:31   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

First we would need to know what exactly was found there.

29.09.2011, 19:35   #13
Raccoon

See attachment.

Regards,
Dennis
Attached thumbnail: unbenannt.jpg

29.09.2011, 19:42   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

ElbyCDIO => do you have CloneDVD or something like AnyDVD installed?
I think you can leave the first two Elby things alone; have the rest removed.

29.09.2011, 19:57   #15
Raccoon

The report is attached.

EDIT: Here, after another scan, is presumably the "right" report:

1:03:00.0884 3956 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
21:03:01.0080 3956 ============================================================
21:03:01.0080 3956 Current date / time: 2011/09/29 21:03:01.0080
21:03:01.0080 3956 SystemInfo:
21:03:01.0080 3956
21:03:01.0080 3956 OS Version: 6.0.6002 ServicePack: 2.0
21:03:01.0080 3956 Product type: Workstation
21:03:01.0081 3956 ComputerName: VISTA
21:03:01.0081 3956 UserName: Dennis Minaev
21:03:01.0081 3956 Windows directory: C:\Windows
21:03:01.0081 3956 System windows directory: C:\Windows
21:03:01.0081 3956 Processor architecture: Intel x86
21:03:01.0081 3956 Number of processors: 4
21:03:01.0081 3956 Page size: 0x1000
21:03:01.0081 3956 Boot type: Normal boot
21:03:01.0081 3956 ============================================================
21:03:02.0499 3956 Initialize success
21:03:07.0136 2804 ============================================================
21:03:07.0136 2804 Scan started
21:03:07.0136 2804 Mode: Manual; SigCheck; TDLFS;
21:03:07.0136 2804 ============================================================
21:03:10.0660 2804 ElbyCDIO (37c3a9fef349d13685ec9c2acaaeafce) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:03:10.0664 2804 ElbyCDIO ( UnsignedFile.Multi.Generic ) - warning
21:03:10.0664 2804 ElbyCDIO - detected UnsignedFile.Multi.Generic (1)
21:03:10.0691 2804 ElbyDelay (8d35affbeed58fd66e9fad223de33718) C:\Windows\system32\Drivers\ElbyDelay.sys
21:03:10.0695 2804 ElbyDelay ( UnsignedFile.Multi.Generic ) - warning
21:03:10.0695 2804 ElbyDelay - detected UnsignedFile.Multi.Generic (1)
21:03:20.0454 2804 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
21:03:20.0475 2804 usbhub - ok
21:03:20.0501 2804 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
21:03:20.0520 2804 usbohci - ok
21:03:20.0548 2804 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
21:03:20.0572 2804 usbprint - ok
21:03:20.0610 2804 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
21:03:20.0630 2804 usbscan - ok
21:03:20.0661 2804 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:03:20.0683 2804 USBSTOR - ok
21:03:20.0694 2804 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
21:03:20.0715 2804 usbuhci - ok
21:03:20.0750 2804 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
21:03:20.0775 2804 vga - ok
21:03:20.0800 2804 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
21:03:20.0826 2804 VgaSave - ok
21:03:20.0864 2804 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
21:03:20.0874 2804 viaagp - ok
21:03:20.0890 2804 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
21:03:20.0914 2804 ViaC7 - ok
21:03:20.0934 2804 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
21:03:20.0943 2804 viaide - ok
21:03:20.0978 2804 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:03:20.0987 2804 volmgr - ok
21:03:21.0021 2804 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:03:21.0035 2804 volmgrx - ok
21:03:21.0066 2804 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
21:03:21.0079 2804 volsnap - ok
21:03:21.0118 2804 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
21:03:21.0128 2804 vsmraid - ok
21:03:21.0169 2804 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
21:03:21.0221 2804 WacomPen - ok
21:03:21.0238 2804 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:03:21.0259 2804 Wanarp - ok
21:03:21.0272 2804 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
21:03:21.0292 2804 Wanarpv6 - ok
21:03:21.0320 2804 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
21:03:21.0330 2804 Wd - ok
21:03:21.0364 2804 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:03:21.0384 2804 Wdf01000 - ok
21:03:21.0542 2804 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys
21:03:21.0562 2804 winusb - ok
21:03:21.0580 2804 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:03:21.0601 2804 WmiAcpi - ok
21:03:21.0695 2804 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
21:03:21.0721 2804 WpdUsb - ok
21:03:21.0767 2804 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
21:03:21.0803 2804 ws2ifsl - ok
21:03:21.0863 2804 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
21:03:21.0877 2804 WudfPf - ok
21:03:21.0909 2804 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:03:21.0923 2804 WUDFRd - ok
21:03:21.0972 2804 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:03:22.0055 2804 \Device\Harddisk0\DR0 - ok
21:03:22.0513 2804 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk1\DR1
21:03:22.0564 2804 \Device\Harddisk1\DR1 - ok
21:03:22.0583 2804 Boot (0x1200) (23e2b1ae14f050890a65fbb4378e7859) \Device\Harddisk0\DR0\Partition0
21:03:22.0584 2804 \Device\Harddisk0\DR0\Partition0 - ok
21:03:22.0588 2804 Boot (0x1200) (706b89b6868885f300ca8fc5902ef18e) \Device\Harddisk1\DR1\Partition0
21:03:22.0588 2804 \Device\Harddisk1\DR1\Partition0 - ok
21:03:22.0591 2804 ============================================================
21:03:22.0591 2804 Scan finished
21:03:22.0591 2804 ============================================================
21:03:22.0604 0824 Detected object count: 2
21:03:22.0604 0824 Actual detected object count: 2
21:03:27.0255 0824 ElbyCDIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:27.0255 0824 ElbyCDIO ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:27.0257 0824 ElbyDelay ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:27.0257 0824 ElbyDelay ( UnsignedFile.Multi.Generic ) - User select action: Skip


Regards,
Dennis

Last edited by Raccoon (29.09.2011 at 20:05)
