greatest

  1. If I understood the question correctly: quarantine recorded the file under the category ... UDS: DangerousObject.Multi.Generic
  2. Good afternoon. Yesterday Kaspersky found the file G:\World_of_Tanks\res\gui\flash\fonts_jp-zk.swf and demanded that it be deleted, since it cannot be disinfected. However, this file is an original part of the game. I am not sure yet, but it LOOKS LIKE this led to delays in the game itself. I also do not seem to be the only case ... (I could post a link to the WoT forum, where another user complains about this problem). Could someone explain? Maybe Kaspersky is configured a bit too aggressively?
  3. Well, that is at least a statement!!! Thank you very much! I would nevertheless be very glad of any additional / more explanatory post!!!
  4. Hello everyone. I have discovered two videos that are current and try to show that the latest AV protection software is NOT able to act against a named virus. Now: I lack the relevant knowledge in this area. So, as a LONG-TIME (for well over 10 years now) Kaspersky user, I wanted to ask HERE: is the danger described in the following two videos real? 1. 2. The same with Kaspersky
  5. Could someone help me make sense of the LOG file?
  6. hosts - I had to configure it myself. SP - not installed, since there has been no need so far.
  7. Well, it is in the archive once more with a suitable name ...
  8. Good afternoon! I hope someone can help me. Today I wanted to look at new desktop wallpapers on one of the Russian sites, and while opening the page I (it seems to me) picked up a Trojan. Why I think so: I work with FF 24.0 with NoScript installed. When the page loaded, an additional window opened with a threat that if I did not pay $100, I would be taken to court. Without thinking, I simply closed the window. After the next start of FF I noticed that NoScript was completely knocked out, i.e. it is not even in the add-ons. After rebooting the computer ... I added NoScript again - FF works fully. Checked the computer with Kaspersky - found nothing. Checked the computer with Spybot - Search & Destroy (free version) - found nothing. Checked the computer with HiJackThis - found nothing. Manually checked autostart ... everything is clean ... But I do not understand the following little program, and wanted to ask you for help. Is there anything dangerous in the log? We simply live in dangerous times, and I would like to be as sure as possible that I have not picked anything up. The code below, I think, contains everything necessary about the system.
But maybe briefly, in addition: Win7 x64 Ultimate, KIS 13.0.1.4190 (i), and in the tab, as is proper, the LOG from OTL.
21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.01.09 10:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:64bit: - [2007.04.23 15:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt) DRV:64bit: - [2007.04.23 15:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex) DRV:64bit: - [2007.04.23 15:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm) DRV:64bit: - [2007.04.23 15:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl) DRV:64bit: - [2007.04.23 15:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus) DRV:64bit: - [2007.04.02 06:44:38 | 000,026,624 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerEth64.sys -- (AVerEth) DRV:64bit: - [2006.11.16 09:51:12 | 012,297,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) DRV - [2012.01.11 21:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2012/06/05 00:36:40] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter00.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) DRV - [2011.10.27 07:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) 
[Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12) DRV - [2011.08.18 19:43:50 | 000,027,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 -- (AIDA64Driver) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes,DefaultScope = {0AA5A4A0-BACD-4920-BCA3-02AA85F716C9} IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}...amp;FORM=IE8SRC IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes\{0AA5A4A0-BACD-4920-BCA3-02AA85F716C9}: 
"URL" = http://de.search.yahoo.com/search?fr=chr-g...p={searchTerms} IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = http://go.mail.ru/search?utf8in=1&fr=i...q={SearchTerms} IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledAddons: %7Bfe2f73c1-36c3-4537-8c86-a8f660163e7c%7D:0.1.12 FF - prefs.js..extensions.enabledAddons: fmconverter%40gmail.com:1.0.0 FF - prefs.js..extensions.enabledAddons: %7Bef4e370e-d9f0-4e00-b93e-a4f274cfdd5a%7D:1.4.9 FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16 FF - prefs.js..extensions.enabledAddons: suncult%40sf.net:1.3.20120620 FF - prefs.js..extensions.enabledAddons: %7B0538E3E3-7E9B-4d49-8831-A227C80A7AD3%7D:2.2.2 FF - prefs.js..extensions.enabledAddons: %7B3e0e7d2a-070f-4a47-b019-91fe5385ba79%7D:3.5.9 FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2 FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.2 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: url_advisor%40kaspersky.com:13.0.1.4359 FF - 
prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.42 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.5 FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44026 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8 FF - prefs.js..extensions.enabledItems: de-DE-alt-2@dictionaries.addons.mozilla.org:0.2 FF - prefs.js..extensions.enabledItems: ru@dictionaries.addons.mozilla.org:0.4.4 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556 FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=888596&p=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.06.04 23:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.12.01 17:48:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.10.21 18:05:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.30 21:27:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.06.05 00:01:48 | 000,000,000 | ---D | M]

[2011.05.29 20:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions
[2011.05.29 20:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.11.08 16:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions
[2011.05.31 19:13:48 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2013.05.30 21:29:03 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2013.08.28 09:50:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.10.28 13:31:02 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2013.11.08 16:57:49 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.12.01 17:14:35 | 000,000,000 | ---D | M] (German Dictionary (de-DE), classical spelling standards) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\alterechtschreibung@googlemail.com
[2013.10.22 18:57:09 | 000,000,000 | ---D | M] (British English Dictionary (Updated)) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\en-gb@flyingtophat.co.uk
[2013.08.08 22:17:08 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\ich@maltegoetz.de
[2013.08.08 22:17:08 | 000,000,000 | ---D | M] (Russian spellchecking dictionary) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\ru@dictionaries.addons.mozilla.org
[2012.06.04 22:29:48 | 000,000,000 | ---D | M] ("Sun Cult") -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\suncult@sf.net
[2013.05.01 10:50:03 | 000,301,821 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\compatibility@addons.mozilla.org.xpi
[2013.10.22 18:57:21 | 002,209,433 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\firebug@software.joehewitt.com.xpi
[2013.08.08 22:17:08 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\SkipScreen@SkipScreen.xpi
[2013.11.08 15:55:57 | 000,534,744 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.04.05 09:55:50 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.02.20 10:22:21 | 000,685,671 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2012.02.03 11:52:15 | 000,014,854 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{fe2f73c1-36c3-4537-8c86-a8f660163e7c}.xpi
[2012.06.05 10:55:36 | 000,002,385 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\enzyklo-de.xml
[2012.06.11 13:31:14 | 000,000,912 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\gramotaru.xml
[2012.06.05 00:17:32 | 000,002,830 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\torrent-freedom-rus.xml
[2012.06.05 00:17:32 | 000,002,684 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\yekvn2fr.xml
[2013.10.21 18:05:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.10.21 18:05:15 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2013.10.21 18:05:15 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak
[2013.10.21 18:05:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.10.21 18:05:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.12.01 17:48:57 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX
[2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Content Blocker) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM
[2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Safe Money) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ONLINE_BANKING@KASPERSKY.COM
[2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\URL_ADVISOR@KASPERSKY.COM
[2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2012.06.04 23:03:57 | 000,002,387 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 activate.adobe.com:443
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 26 more lines...
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cmaudio8768GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8768GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000..\Run: [icq] C:\Users\Papa\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000..\Run: [sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1003..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Добавить в Анти-Баннер - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Добавить в Анти-Баннер - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Виртуальная клавиатура - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Проверка ссылок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Виртуальная клавиатура - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Проверка ссылок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries00000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.12.1 193.174.75.142
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E7A3901-1CF8-4690-B221-F39A784DE8E9}: DhcpNameServer = 192.168.12.1 193.174.75.142
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaippx00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999.08.31 04:52:00 | 000,598,016 | R--- | M] (MAX DESIGN) - O:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [1999.08.31 04:52:00 | 000,000,766 | R--- | M] () - O:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2001.09.06 00:04:00 | 000,000,283 | R--- | M] () - O:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\Acrobat\command - "" = O:\.\ar500deu.exe -- [2001.09.06 00:04:00 | 009,124,984 | R--- | M] ()
O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\AutoRun\command - "" = O:\Autorun.exe -- [1999.08.31 04:52:00 | 000,598,016 | R--- | M] (MAX DESIGN)
O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\DirectX\command - "" = O:\.\DirectX\dxsetup.exe -- [2001.10.16 11:24:46 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\Setup\command - "" = O:\.\Setup.exe -- [2002.12.02 14:33:00 | 000,107,512 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 7 Days ==========

[2013.11.08 16:57:55 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Roaming\QuickScan
[2013.11.08 15:13:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Papa\Desktop\OTL.exe
[2013.11.02 12:36:53 | 000,031,136 | ---- | C] (REALiX) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS
[2013.11.02 12:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
[2013.11.02 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO64

========== Files - Modified Within 7 Days ==========

[2013.11.08 15:56:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.08 15:56:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.08 15:55:05 | 002,341,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.11.08 15:55:05 | 000,686,050 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2013.11.08 15:55:05 | 000,660,696 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.11.08 15:55:05 | 000,622,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.11.08 15:55:05 | 000,134,902 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.11.08 15:55:05 | 000,132,776 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2013.11.08 15:55:05 | 000,111,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.11.08 15:48:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.11.08 15:48:20 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2013.11.08 15:13:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Papa\Desktop\OTL.exe [2013.11.02 12:36:53 | 000,031,136 | ---- | M] (REALiX) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS ========== Files Created - No Company Name ========== [2013.09.01 22:46:51 | 000,000,064 | ---- | C] () -- C:\Windows\AVerText.ini [2013.03.16 04:49:24 | 000,038,736 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe [2013.03.13 20:39:34 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2013.03.13 20:38:34 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.03.13 20:35:56 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2013.03.13 20:35:38 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2013.03.13 20:35:36 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2013.03.13 20:35:36 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2013.03.13 20:35:34 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2013.03.13 20:35:34 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2013.03.13 20:35:34 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2013.02.10 15:15:04 | 000,384,472 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2013.02.10 15:15:04 | 000,188,072 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll [2013.02.10 15:15:02 | 007,833,552 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll [2013.02.10 15:15:02 | 001,256,952 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll [2013.02.10 15:15:02 | 000,247,920 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll [2013.02.10 15:15:02 | 000,169,888 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll [2013.02.10 15:15:02 | 000,165,160 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll [2012.09.29 
23:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini [2012.08.16 20:13:47 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini [2012.06.05 10:31:27 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\mp3Media2.dll [2012.06.05 00:02:39 | 000,000,754 | ---- | C] () -- C:\Windows\ODBC.INI [2012.06.04 23:41:07 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini [2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.12.07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2011.05.30 20:13:23 | 000,000,030 | ---- | C] () -- C:\Users\Papa\AppData\Roaming\daylen.ini ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
  9. Good afternoon! I hope someone can help me. Today I wanted to look at new desktop wallpapers on one of the Russian sites, and while opening the page I (it seems to me) picked up a Trojan. Why I think so: I work with FF 24.0 with NoScript installed. When the page loaded, an additional window opened with a threat that if I did not pay $100, I would be taken to court. Without thinking, I simply closed the window. After the next launch of FF I noticed that NoScript was completely knocked out, i.e. it is not even listed in the add-ons. After rebooting the computer ... I added NoScript again - FF works fully. I checked the computer with Kaspersky - it found nothing. I checked the computer with Spybot - Search & Destroy - it found nothing. I checked the computer with HiJackThis - it found nothing. I manually checked autostart ... everything is clean ... But I do not understand the following program, and wanted to ask you for help. Is there anything dangerous in the log? We simply live in dangerous times, and I would like to be as sure as possible that I have not picked anything up. 
OTL logfile created on: 08.11.2013 18:41:12 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Papa\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: *** | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 37,65% Memory free 8,00 Gb Paging File | 4,97 Gb Available in Paging File | 62,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 75,00 Gb Total Space | 37,14 Gb Free Space | 49,53% Space Free | Partition Type: NTFS Drive D: | 50,00 Gb Total Space | 24,32 Gb Free Space | 48,65% Space Free | Partition Type: NTFS Drive F: | 450,00 Gb Total Space | 307,62 Gb Free Space | 68,36% Space Free | Partition Type: NTFS Drive G: | 406,51 Gb Total Space | 209,98 Gb Free Space | 51,66% Space Free | Partition Type: NTFS Drive H: | 50,00 Gb Total Space | 47,63 Gb Free Space | 95,26% Space Free | Partition Type: NTFS Drive I: | 730,00 Gb Total Space | 150,89 Gb Free Space | 20,67% Space Free | Partition Type: NTFS Drive J: | 101,51 Gb Total Space | 95,39 Gb Free Space | 93,97% Space Free | Partition Type: NTFS Drive M: | 297,99 Gb Total Space | 37,71 Gb Free Space | 12,65% Space Free | Partition Type: NTFS Drive N: | 298,09 Gb Total Space | 89,04 Gb Free Space | 29,87% Space Free | Partition Type: NTFS Drive O: | 687,65 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: *** | User Name: *** | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 7 Days ========== Processes (SafeList) ========== PRC - [2013.11.08 15:13:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Papa\Desktop\OTL.exe PRC - [2013.10.31 11:35:46 | 000,070,880 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2013.10.21 18:05:19 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.10.15 06:37:09 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe PRC - [2013.10.10 12:31:15 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe PRC - [2013.10.07 13:43:40 | 028,698,984 | ---- | M] (ICQ) -- C:\Users\Papa\AppData\Roaming\ICQM\icq.exe PRC - [2013.05.29 11:34:28 | 000,449,248 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe PRC - [2013.05.16 09:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2013.05.16 09:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2013.05.16 09:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2013.05.15 12:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) 
-- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2013.01.07 23:35:59 | 000,389,168 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe PRC - [2012.08.17 21:38:34 | 000,128,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe PRC - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012.03.01 01:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.01.12 14:52:57 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe PRC - [2012.01.12 14:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe PRC - [2012.01.12 14:52:55 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe PRC - [2012.01.12 13:58:47 | 000,371,256 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe PRC - [2012.01.02 03:21:22 | 000,501,544 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe PRC - [2011.12.09 18:23:30 | 001,596,032 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe PRC - [2011.08.18 19:43:50 | 003,292,808 | ---- | M] (FinalWire Ltd.) -- C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe PRC - [2011.05.29 14:55:04 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe PRC - [2011.01.30 16:45:14 | 000,821,144 | ---- | M] (Adobe Systems Inc.) 
-- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2009.06.19 16:31:38 | 000,651,264 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe PRC - [2009.04.08 18:49:30 | 000,344,064 | ---- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe PRC - [2008.12.10 01:01:50 | 000,405,504 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe PRC - [2008.06.11 01:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe PRC - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe PRC - [2006.09.15 12:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe ========== Modules (No Company Name) ========== MOD - [2013.11.08 16:48:01 | 000,162,304 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\winamp.lng MOD - [2013.11.08 16:48:01 | 000,153,600 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\vis_milk2.lng MOD - [2013.11.08 16:48:01 | 000,092,672 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\vis_avs.lng MOD - [2013.11.08 16:48:01 | 000,054,272 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_local.lng MOD - [2013.11.08 16:48:01 | 000,048,640 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_disc.lng MOD - [2013.11.08 16:48:01 | 000,047,104 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_pmp.lng MOD - [2013.11.08 16:48:01 | 000,043,520 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ombrowser.lng MOD - [2013.11.08 16:48:01 | 000,042,496 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\pmp_wifi.lng MOD - [2013.11.08 16:48:01 | 000,037,376 | ---- | M] () -- 
C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\pmp_ipod.lng MOD - [2013.11.08 16:48:01 | 000,022,528 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_mp3.lng MOD - [2013.11.08 16:48:01 | 000,020,992 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_midi.lng MOD - [2013.11.08 16:48:01 | 000,020,480 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_mod.lng MOD - [2013.11.08 16:48:01 | 000,019,968 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\pmp_android.lng MOD - [2013.11.08 16:48:01 | 000,019,968 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_win7shell.lng MOD - [2013.11.08 16:48:01 | 000,017,408 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\out_ds.lng MOD - [2013.11.08 16:48:01 | 000,014,848 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_wm.lng MOD - [2013.11.08 16:48:01 | 000,014,336 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\pmp_usb.lng MOD - [2013.11.08 16:48:01 | 000,014,336 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_wire.lng MOD - [2013.11.08 16:48:01 | 000,013,824 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_online.lng MOD - [2013.11.08 16:48:01 | 000,013,824 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_cdda.lng MOD - [2013.11.08 16:48:01 | 000,012,800 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_plg.lng MOD - [2013.11.08 16:48:01 | 000,012,800 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_playlists.lng MOD - [2013.11.08 16:48:01 | 000,011,776 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_nsv.lng MOD - [2013.11.08 16:48:01 | 000,011,264 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_vorbis.lng MOD - [2013.11.08 16:48:01 | 000,011,264 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_skinmanager.lng MOD - [2013.11.08 16:48:01 | 000,010,752 | ---- | M] () -- 
C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_undo.lng MOD - [2013.11.08 16:48:01 | 000,010,752 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_timerestore.lng MOD - [2013.11.08 16:48:01 | 000,009,216 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_history.lng MOD - [2013.11.08 16:48:01 | 000,009,216 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_downloads.lng MOD - [2013.11.08 16:48:01 | 000,009,216 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_nopro.lng MOD - [2013.11.08 16:48:01 | 000,008,704 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_tray.lng MOD - [2013.11.08 16:48:01 | 000,008,192 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_transcode.lng MOD - [2013.11.08 16:48:01 | 000,008,192 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_devices.lng MOD - [2013.11.08 16:48:01 | 000,007,680 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\vis_nsfs.lng MOD - [2013.11.08 16:48:01 | 000,007,680 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\out_wave.lng MOD - [2013.11.08 16:48:01 | 000,007,168 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_autotag.lng MOD - [2013.11.08 16:48:01 | 000,007,168 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_dshow.lng MOD - [2013.11.08 16:48:01 | 000,007,168 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_orgler.lng MOD - [2013.11.08 16:48:01 | 000,006,144 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\tagz.lng MOD - [2013.11.08 16:48:01 | 000,006,144 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\out_disk.lng MOD - [2013.11.08 16:48:01 | 000,006,144 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_wav.lng MOD - [2013.11.08 16:48:01 | 000,006,144 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_flac.lng MOD - [2013.11.08 16:48:01 | 000,005,632 | ---- | M] 
() -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_wave.lng MOD - [2013.11.08 16:48:01 | 000,005,120 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_rg.lng MOD - [2013.11.08 16:48:01 | 000,005,120 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_impex.lng MOD - [2013.11.08 16:48:01 | 000,005,120 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_bookmarks.lng MOD - [2013.11.08 16:48:01 | 000,005,120 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_avi.lng MOD - [2013.11.08 16:48:01 | 000,004,608 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\pmp_activesync.lng MOD - [2013.11.08 16:48:01 | 000,004,608 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_enqplay.lng MOD - [2013.11.08 16:48:01 | 000,004,608 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_wv.lng MOD - [2013.11.08 16:48:01 | 000,004,608 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_mp4.lng MOD - [2013.11.08 16:48:01 | 000,004,608 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_mkv.lng MOD - [2013.11.08 16:48:01 | 000,004,096 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\winampa.lng MOD - [2013.11.08 16:48:01 | 000,004,096 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\pmp_p4s.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\pmp_njb.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\playlist.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_orb.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_nowplaying.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\ml_addons.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- 
C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_swf.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_linein.lng MOD - [2013.11.08 16:48:01 | 000,003,584 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\in_flv.lng MOD - [2013.11.08 16:48:00 | 000,066,560 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\burnlib.lng MOD - [2013.11.08 16:48:00 | 000,040,960 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_jumpex.lng MOD - [2013.11.08 16:48:00 | 000,022,528 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_ff.lng MOD - [2013.11.08 16:48:00 | 000,020,480 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_ml.lng MOD - [2013.11.08 16:48:00 | 000,013,824 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\dsp_sps.lng MOD - [2013.11.08 16:48:00 | 000,011,264 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_hotkeys.lng MOD - [2013.11.08 16:48:00 | 000,011,264 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\auth.lng MOD - [2013.11.08 16:48:00 | 000,010,240 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_classicart.lng MOD - [2013.11.08 16:48:00 | 000,007,680 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_crasher.lng MOD - [2013.11.08 16:48:00 | 000,006,656 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\enc_wma.lng MOD - [2013.11.08 16:48:00 | 000,006,656 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\enc_fhgaac.lng MOD - [2013.11.08 16:48:00 | 000,006,144 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\enc_lame.lng MOD - [2013.11.08 16:48:00 | 000,004,096 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\gen_find_on_disk.lng MOD - [2013.11.08 16:48:00 | 000,004,096 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\enc_wav.lng MOD - [2013.11.08 16:48:00 | 000,004,096 | ---- | M] () -- 
C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\enc_vorbis.lng MOD - [2013.11.08 16:48:00 | 000,004,096 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\enc_flake.lng MOD - [2013.11.08 16:48:00 | 000,004,096 | ---- | M] () -- C:\Users\Papa\AppData\Local\Temp\WLZE141.tmp\enc_flac.lng MOD - [2013.10.31 11:35:46 | 000,070,880 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2013.10.21 18:05:18 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013.10.15 06:37:09 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013.10.07 13:43:40 | 000,851,456 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll MOD - [2013.09.13 10:02:30 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll MOD - [2013.05.16 09:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl MOD - [2013.05.16 09:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2013.05.16 09:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2013.01.07 23:35:42 | 000,022,576 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll MOD - [2013.01.07 23:35:41 | 000,158,256 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll MOD - [2013.01.07 23:35:37 | 002,242,096 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll MOD - [2012.08.17 21:40:16 | 000,068,024 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll MOD - [2012.08.17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll MOD - [2012.06.05 00:31:40 | 000,090,112 | ---- | M] () -- C:\Program Files 
(x86)\Winamp\System\xml.w5s MOD - [2012.06.05 00:31:40 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll MOD - [2012.06.05 00:31:40 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll MOD - [2012.06.05 00:31:39 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s MOD - [2012.06.05 00:31:39 | 000,174,080 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\auth.w5s MOD - [2012.06.05 00:31:39 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll MOD - [2012.06.05 00:31:39 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s MOD - [2012.06.05 00:31:39 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll MOD - [2012.06.05 00:31:39 | 000,113,664 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll MOD - [2012.06.05 00:31:39 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s MOD - [2012.06.05 00:31:39 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s MOD - [2012.06.05 00:31:39 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll MOD - [2012.06.05 00:31:39 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s MOD - [2012.06.05 00:31:39 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s MOD - [2012.06.05 00:31:39 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s MOD - [2012.06.05 00:31:39 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s MOD - [2012.06.05 00:31:39 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll MOD - [2012.06.05 00:31:39 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s MOD - [2012.06.05 00:31:39 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s MOD - [2012.06.05 00:31:39 | 000,016,896 | ---- | M] () -- 
C:\Program Files (x86)\Winamp\System\dlmgr.w5s MOD - [2012.06.05 00:31:39 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s MOD - [2012.06.05 00:31:39 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s MOD - [2012.06.05 00:31:39 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s MOD - [2012.06.05 00:31:38 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll MOD - [2012.06.05 00:31:38 | 000,294,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_local.dll MOD - [2012.06.05 00:31:38 | 000,290,304 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll MOD - [2012.06.05 00:31:38 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll MOD - [2012.06.05 00:31:38 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll MOD - [2012.06.05 00:31:38 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll MOD - [2012.06.05 00:31:38 | 000,200,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll MOD - [2012.06.05 00:31:38 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_online.dll MOD - [2012.06.05 00:31:38 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll MOD - [2012.06.05 00:31:38 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll MOD - [2012.06.05 00:31:38 | 000,075,264 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll MOD - [2012.06.05 00:31:38 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll MOD - [2012.06.05 00:31:38 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll MOD - [2012.06.05 00:31:38 | 000,052,736 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll MOD - [2012.06.05 00:31:38 | 000,052,224 | ---- | M] () -- C:\Program Files 
(x86)\Winamp\Plugins\out_ds.dll MOD - [2012.06.05 00:31:38 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_history.dll MOD - [2012.06.05 00:31:38 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll MOD - [2012.06.05 00:31:38 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll MOD - [2012.06.05 00:31:38 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll MOD - [2012.06.05 00:31:38 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll MOD - [2012.06.05 00:31:38 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll MOD - [2012.06.05 00:31:38 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll MOD - [2012.06.05 00:31:38 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll MOD - [2012.06.05 00:31:38 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll MOD - [2012.06.05 00:31:37 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll MOD - [2012.06.05 00:31:37 | 000,417,280 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll MOD - [2012.06.05 00:31:37 | 000,340,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac MOD - [2012.06.05 00:31:37 | 000,318,464 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll MOD - [2012.06.05 00:31:37 | 000,185,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll MOD - [2012.06.05 00:31:37 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll MOD - [2012.06.05 00:31:37 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll MOD - [2012.06.05 00:31:37 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll MOD - [2012.06.05 00:31:37 | 000,078,848 | ---- | M] () -- C:\Program Files 
(x86)\Winamp\nde.dll MOD - [2012.06.05 00:31:37 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll MOD - [2012.06.05 00:31:37 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll MOD - [2012.06.05 00:31:37 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll MOD - [2012.06.05 00:31:37 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll MOD - [2012.06.05 00:31:37 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll MOD - [2012.06.05 00:31:37 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll MOD - [2012.06.05 00:31:37 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll MOD - [2012.06.05 00:31:37 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll MOD - [2012.06.05 00:31:37 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_linein.dll MOD - [2012.06.05 00:31:36 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll MOD - [2012.04.30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2012.02.29 13:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2012.01.12 13:55:29 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\subsys\DLNA\DMS\_PyDMSCtrl.pyd MOD - [2012.01.02 03:21:17 | 000,374,056 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll MOD - [2011.08.24 03:39:11 | 000,655,360 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ssl.pyd MOD - [2011.08.24 03:39:11 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\Koan\_ctypes.pyd MOD - [2011.08.24 03:39:11 | 000,053,248 | ---- | M] () -- C:\Program Files 
(x86)\CyberLink\PowerDVD12\Common\Koan\_socket.pyd MOD - [2011.08.18 19:43:50 | 000,274,552 | ---- | M] () -- C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida_icons7.dll MOD - [2011.05.29 14:55:04 | 000,200,704 | ---- | M] () -- C:\Windows\SysWOW64\HsMgr.exe MOD - [2011.01.30 16:47:24 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\AcroTray.DEU MOD - [2008.06.11 01:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe MOD - [2007.09.02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007.09.02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll ========== Services (SafeList) ========== SRV:64bit: - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.10.21 18:05:18 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.10.10 12:31:15 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP) SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2012.12.01 17:39:43 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012.03.01 01:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.01.12 14:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service) SRV - [2012.01.12 14:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12) SRV - [2012.01.12 14:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.07.14 02:16:20 | 000,010,752 | ---- | M] (Корпорация Майкрософт) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.04.08 18:49:30 | 000,344,064 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common 
Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote) SRV - [2008.12.10 01:01:50 | 000,405,504 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.11.02 12:36:53 | 000,031,136 | ---- | M] (REALiX) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32) DRV:64bit: - [2013.10.10 12:32:13 | 000,626,272 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2013.10.10 12:32:13 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2013.10.10 12:32:13 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt) DRV:64bit: - [2013.10.10 12:32:11 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1) DRV:64bit: - [2013.08.08 22:43:54 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi) DRV:64bit: - [2013.05.30 21:41:31 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps) DRV:64bit: - [2013.01.17 20:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt) DRV:64bit: - [2012.08.02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2012.01.17 13:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011.12.16 16:53:01 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.05.31 21:22:38 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2011.05.31 21:22:38 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2011.05.29 20:45:00 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2011.05.29 14:55:04 | 001,029,120 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3) DRV:64bit: - [2009.08.24 16:49:18 | 001,422,464 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerA706_x64.sys -- (AVerA706_x64) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 
21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.01.09 10:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:64bit: - [2007.04.23 15:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt) DRV:64bit: - [2007.04.23 15:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex) DRV:64bit: - [2007.04.23 15:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm) DRV:64bit: - [2007.04.23 15:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl) DRV:64bit: - [2007.04.23 15:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus) DRV:64bit: - [2007.04.02 06:44:38 | 000,026,624 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerEth64.sys -- (AVerEth) DRV:64bit: - [2006.11.16 09:51:12 | 012,297,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD) DRV - [2012.01.11 21:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2012/06/05 00:36:40] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter00.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) DRV - [2011.10.27 07:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) 
[Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12) DRV - [2011.08.18 19:43:50 | 000,027,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 -- (AIDA64Driver) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes,DefaultScope = {0AA5A4A0-BACD-4920-BCA3-02AA85F716C9} IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}...amp;FORM=IE8SRC IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes\{0AA5A4A0-BACD-4920-BCA3-02AA85F716C9}: 
"URL" = http://de.search.yahoo.com/search?fr=chr-g...p={searchTerms} IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = http://go.mail.ru/search?utf8in=1&fr=i...q={SearchTerms} IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320 ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledAddons: %7Bfe2f73c1-36c3-4537-8c86-a8f660163e7c%7D:0.1.12 FF - prefs.js..extensions.enabledAddons: fmconverter%40gmail.com:1.0.0 FF - prefs.js..extensions.enabledAddons: %7Bef4e370e-d9f0-4e00-b93e-a4f274cfdd5a%7D:1.4.9 FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16 FF - prefs.js..extensions.enabledAddons: suncult%40sf.net:1.3.20120620 FF - prefs.js..extensions.enabledAddons: %7B0538E3E3-7E9B-4d49-8831-A227C80A7AD3%7D:2.2.2 FF - prefs.js..extensions.enabledAddons: %7B3e0e7d2a-070f-4a47-b019-91fe5385ba79%7D:3.5.9 FF - prefs.js..extensions.enabledAddons: SkipScreen%40SkipScreen:0.7.2 FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.2 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: url_advisor%40kaspersky.com:13.0.1.4359 FF - 
prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:13.0.1.4359 FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.42 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.5 FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44026 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2 FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8 FF - prefs.js..extensions.enabledItems: de-DE-alt-2@dictionaries.addons.mozilla.org:0.2 FF - prefs.js..extensions.enabledItems: ru@dictionaries.addons.mozilla.org:0.4.4 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556 FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=888596&p=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF - 
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.06.04 23:07:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.10.10 12:32:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.12.01 17:48:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.10.21 18:05:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla 
Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.30 21:27:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.06.05 00:01:48 | 000,000,000 | ---D | M] [2011.05.29 20:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions [2011.05.29 20:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013.11.08 16:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions [2011.05.31 19:13:48 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013.05.30 21:29:03 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2013.08.28 09:50:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.10.28 13:31:02 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2013.11.08 16:57:49 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012.12.01 17:14:35 | 000,000,000 | ---D | M] (German Dictionary (de-DE), classical spelling standards) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\alterechtschreibung@googlemail.com [2013.10.22 18:57:09 | 000,000,000 | ---D | M] (British English 
Dictionary (Updated)) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\en-gb@flyingtophat.co.uk [2013.08.08 22:17:08 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\ich@maltegoetz.de [2013.08.08 22:17:08 | 000,000,000 | ---D | M] (Russian spellchecking dictionary) -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\ru@dictionaries.addons.mozilla.org [2012.06.04 22:29:48 | 000,000,000 | ---D | M] ("Sun Cult") -- C:\Users\Papa\AppData\Roaming\mozilla\Firefox\Profiles\25ipns6n.default\extensions\suncult@sf.net [2013.05.01 10:50:03 | 000,301,821 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\compatibility@addons.mozilla.org.xpi [2013.10.22 18:57:21 | 002,209,433 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\firebug@software.joehewitt.com.xpi [2013.08.08 22:17:08 | 000,071,038 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\SkipScreen@SkipScreen.xpi [2013.11.08 15:55:57 | 000,534,744 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.04.05 09:55:50 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013.02.20 10:22:21 | 000,685,671 | ---- | M] () (No name found) -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2012.02.03 11:52:15 | 000,014,854 | ---- | M] () (No name found) -- 
C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\extensions\{fe2f73c1-36c3-4537-8c86-a8f660163e7c}.xpi [2012.06.05 10:55:36 | 000,002,385 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\enzyklo-de.xml [2012.06.11 13:31:14 | 000,000,912 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\gramotaru.xml [2012.06.05 00:17:32 | 000,002,830 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\torrent-freedom-rus.xml [2012.06.05 00:17:32 | 000,002,684 | ---- | M] () -- C:\Users\Papa\AppData\Roaming\mozilla\firefox\profiles\25ipns6n.default\searchplugins\yekvn2fr.xml [2013.10.21 18:05:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013.10.21 18:05:15 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2013.10.21 18:05:15 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2013.10.21 18:05:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013.10.21 18:05:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012.12.01 17:48:57 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX [2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM [2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Content Blocker) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM [2013.10.10 12:32:15 | 000,000,000 | ---D | M] 
(Safe Money) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ONLINE_BANKING@KASPERSKY.COM
[2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\URL_ADVISOR@KASPERSKY.COM
[2013.10.10 12:32:15 | 000,000,000 | ---D | M] (Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
O1 HOSTS File: ([2012.06.04 23:03:57 | 000,002,387 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 activate.adobe.com:443
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 26 more lines...
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cmaudio8768GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8768GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [sDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000..\Run: [icq] C:\Users\Papa\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1000..\Run: [sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1003..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1021228379-1736376582-3003093817-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Добавить в Анти-Баннер - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Добавить в Анти-Баннер - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O9:64bit: - Extra Button: Виртуальная клавиатура - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Проверка ссылок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Виртуальная клавиатура - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Проверка ссылок - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries00000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.12.1 193.174.75.142 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E7A3901-1CF8-4690-B221-F39A784DE8E9}: DhcpNameServer = 192.168.12.1 193.174.75.142 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaippx00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18 - Protocol\Handler\msdaippx00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe 
(Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [1999.08.31 04:52:00 | 000,598,016 | R--- | M] (MAX DESIGN) - O:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [1999.08.31 04:52:00 | 000,000,766 | R--- | M] () - O:\Autorun.ico -- [ CDFS ] O32 - AutoRun File - [2001.09.06 00:04:00 | 000,000,283 | R--- | M] () - O:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\Acrobat\command - "" = O:\.\ar500deu.exe -- [2001.09.06 00:04:00 | 009,124,984 | R--- | M] () O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\AutoRun\command - "" = O:\Autorun.exe -- [1999.08.31 04:52:00 | 000,598,016 | R--- | M] (MAX DESIGN) O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\DirectX\command - "" = O:\.\DirectX\dxsetup.exe -- [2001.10.16 11:24:46 | 000,140,288 | R--- | M] () O33 - MountPoints2\{a706db36-89f3-11e0-a16f-806e6f6e6963}\Shell\Setup\command - "" = O:\.\Setup.exe -- [2002.12.02 14:33:00 | 000,107,512 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile 
[open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 7 Days ========== [2013.11.08 16:57:55 | 000,000,000 | ---D | C] -- C:\Users\Papa\AppData\Roaming\QuickScan [2013.11.08 15:13:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Papa\Desktop\OTL.exe [2013.11.02 12:36:53 | 000,031,136 | ---- | C] (REALiX) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS [2013.11.02 12:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 [2013.11.02 12:35:12 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO64 ========== Files - Modified Within 7 Days ========== [2013.11.08 15:56:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.11.08 15:56:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.11.08 15:55:05 | 002,341,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.11.08 15:55:05 | 000,686,050 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat [2013.11.08 15:55:05 | 000,660,696 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.11.08 15:55:05 | 000,622,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.11.08 15:55:05 | 000,134,902 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.11.08 15:55:05 | 000,132,776 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat [2013.11.08 15:55:05 | 000,111,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat 
[2013.11.08 15:48:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.11.08 15:48:20 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2013.11.08 15:13:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Papa\Desktop\OTL.exe [2013.11.02 12:36:53 | 000,031,136 | ---- | M] (REALiX) -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS ========== Files Created - No Company Name ========== [2013.09.01 22:46:51 | 000,000,064 | ---- | C] () -- C:\Windows\AVerText.ini [2013.03.16 04:49:24 | 000,038,736 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe [2013.03.13 20:39:34 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2013.03.13 20:38:34 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.03.13 20:35:56 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2013.03.13 20:35:38 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2013.03.13 20:35:36 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2013.03.13 20:35:36 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2013.03.13 20:35:34 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2013.03.13 20:35:34 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2013.03.13 20:35:34 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2013.02.10 15:15:04 | 000,384,472 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2013.02.10 15:15:04 | 000,188,072 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll [2013.02.10 15:15:02 | 007,833,552 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll [2013.02.10 15:15:02 | 001,256,952 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll [2013.02.10 15:15:02 | 000,247,920 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll [2013.02.10 15:15:02 | 000,169,888 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll [2013.02.10 15:15:02 | 000,165,160 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll [2012.09.29 
23:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini [2012.08.16 20:13:47 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini [2012.06.05 10:31:27 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\mp3Media2.dll [2012.06.05 00:02:39 | 000,000,754 | ---- | C] () -- C:\Windows\ODBC.INI [2012.06.04 23:41:07 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini [2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011.12.07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2011.05.30 20:13:23 | 000,000,030 | ---- | C] () -- C:\Users\Papa\AppData\Roaming\daylen.ini ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 02:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
  10. That's not right! I paid money for the product! And in the end I have to run around ... looking for someone who would help; as a result I get no help either there or here! And I "came back" here because there is no answer from tech support! That's the whole point! And instead of help ... I have to argue about whom to ask for help :bt: And if you don't mind, I would like to get back to the main question! :bt:
  11. Well, if worst comes to worst, I can get in through the KIS settings. That's no big deal! And if worst comes to worst I could even live with that (I don't use it all that often). But I did pay real money ... and I would like the software to actually work for real money. The thing is, I definitely did not change anything in the system, and from one day to the next FF started throwing this error ... I did one experiment: I have two Windows installations on one computer ... and on the second one (also 7 x64 Ultimate) I tried opening the bank's page through the bookmarks - everything works! I copied the whole profile from the "working" FF and put it on the "bad" one ... it doesn't help! Maybe the KIS installation got "broken"? PS: @ Maratka I did not force anyone to speak German! And I didn't force you either ... I wrote to the Germans because I bought the product in Germany! And I'm sorting it out here in Russian because the whole system is installed in Russian and it is simply easier to use all the names in the language in which I can easily find them
  12. but I have everything installed in Russian ... ?!
  13. How I got the reply: I wrote in German ... described practically the same thing as here. Somewhere at the end of December this mess started ... I tried FF versions from 16 up to 18.0.2 ... (completely uninstalling and reinstalling). In the end my bank's page opens only in 2 ways: 1. if I turn KIS off, or 2. if I press the "Safe Money" button in the KIS menu. Launching from the bookmarks menu does not work
  14. I wanted to ask again whether there is anything new on this question! I wrote to the support service, and even received a confirmation from them that they got my email. However, several weeks have already passed, and still nothing ... I have already completely uninstalled and reinstalled Firefox ... no use