explorer.exe restarts permanently



#1
gray36

Hi,
I'm using Windows 7 on a Dell M1530 laptop. A couple of hours ago I got a message about some memory problems according to an 0x02791000 address; since then Windows Explorer keeps on restarting over and over again (approx. every 3-4 seconds). A system restart changes nothing. I can only run the system in safe mode, and I have done some virus and malware tests but without any results.
Any suggestions? Any help would be great.

OTL logfile created on: 25.12.2010 21:45:16 - Run 3
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\gray\Desktop\7fix
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 182,55 Gb Total Space | 13,05 Gb Free Space | 7,15% Space Free | Partition Type: NTFS
Drive D: | 92,34 Gb Total Space | 12,87 Gb Free Space | 13,94% Space Free | Partition Type: NTFS
Drive E: | 23,07 Gb Total Space | 13,50 Gb Free Space | 58,53% Space Free | Partition Type: NTFS

Computer Name: GRAY-PC | User Name: gray | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\gray\Desktop\7fix\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)


========== Modules (SafeList) ==========

MOD - C:\Users\gray\Desktop\7fix\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (nosGetPlusHelper) getPlus® -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirFirewallService) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_24288096a5cd99f6\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_24288096a5cd99f6\AEstSrv.exe (Andrea Electronics Corporation)


========== Driver Services (SafeList) ==========

DRV - (DFUBTUSB) -- C:\Windows\System32\Drivers\frmupgr.sys File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (SLEE_17_DRIVER) -- C:\Windows\System32\drivers\SleeN17.sys (Softwareentwicklung Remus - ArchiCrypt - )
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (85774342) -- C:\Windows\system32\DRIVERS\85774342.sys (Kaspersky Lab)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (setup_9.0.0.722_25.12.2010_20-31drv) -- C:\Windows\System32\drivers\8577434.sys (Kaspersky Lab)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (85774341) -- C:\Windows\System32\drivers\85774341.sys (Kaspersky Lab)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (RivaTuner32) -- C:\Programme\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys ()
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (netw5v32) Intel® -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (cpuz132) -- C:\Windows\System32\drivers\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (hotcore3) -- C:\Windows\system32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {987311C6-B504-4aa2-90BF-60CC49808D42}:2.2
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.95.20100933
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.14 17:23:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.14 17:23:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.13 19:44:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2010.12.13 19:45:31 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\mozilla\Extensions
[2010.12.13 19:45:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gray\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.01.25 20:45:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gray\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.12.25 21:17:41 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions
[2010.01.25 20:56:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010.12.24 13:37:23 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.04.27 22:35:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.25 20:56:22 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010.01.25 20:56:22 | 000,000,000 | ---D | M] (BugMeNot) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
[2010.12.24 13:37:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.30 21:42:16 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.09.09 11:39:37 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.04.09 12:17:51 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.11.30 09:40:45 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\mozilla\Firefox\Profiles\ovfcuw9y.default\extensions\[email protected]
[2008.08.25 22:05:20 | 000,000,523 | ---- | M] () -- C:\Users\gray\AppData\Roaming\Mozilla\FireFox\Profiles\ovfcuw9y.default\searchplugins\daemon-search.xml
[2010.05.13 20:52:16 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.12.14 17:23:10 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.05.13 20:52:17 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.03.25 16:12:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2010.12.14 17:23:07 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browserdirprovider.dll
[2010.12.14 17:23:07 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\brwsrcmp.dll
[2008.02.07 21:46:38 | 000,013,624 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\cgpcfg.dll
[2008.02.07 21:46:12 | 000,087,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\CgpCore.dll
[2008.02.07 21:46:20 | 000,091,448 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\confmgr.dll
[2006.06.15 20:33:58 | 000,233,472 | ---- | M] (C3D) -- C:\Programme\Mozilla Firefox\plugins\CrazyTalk4Native.dll
[2006.05.25 18:43:32 | 000,204,895 | ---- | M] (Reallusion Inc.) -- C:\Programme\Mozilla Firefox\plugins\ctdomemhelper.dll
[2005.09.29 14:41:38 | 000,077,824 | ---- | M] (Reallusion Inc.) -- C:\Programme\Mozilla Firefox\plugins\ctframeplayerobject.dll
[2006.06.19 13:10:42 | 000,426,081 | ---- | M] (Reallusion Inc.) -- C:\Programme\Mozilla Firefox\plugins\ctplayerobject.dll
[2008.02.07 21:46:16 | 000,021,824 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\ctxlogging.dll
[2008.02.07 21:46:56 | 000,206,136 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\ctxmui.dll
[2008.02.07 21:46:18 | 000,031,544 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\icafile.dll
[2008.02.07 21:46:36 | 000,040,248 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\icalogon.dll
[2005.02.02 12:19:12 | 000,458,752 | ---- | M] (BEXTech) -- C:\Programme\Mozilla Firefox\plugins\imagickrt.dll
[2007.03.16 17:27:00 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\msvcm80.dll
[2007.03.16 17:27:00 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\msvcp80.dll
[2007.03.16 17:27:00 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\msvcr80.dll
[2010.03.25 16:12:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeploytk.dll
[2009.11.14 01:47:38 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2008.02.07 21:48:26 | 000,419,136 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\npicaN.dll
[2009.02.06 12:44:28 | 001,447,296 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2010.12.14 17:23:09 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Programme\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\NPOFF12.DLL
[2010.11.06 11:37:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Mozilla Firefox\plugins\nppdf32.dll
[2010.01.05 19:00:00 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Mozilla Firefox\plugins\nppl3260.dll
[2006.01.03 16:00:40 | 000,069,632 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npRLCT4Player.dll
[2010.01.05 19:00:00 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2006.04.10 18:35:38 | 000,139,264 | ---- | M] (Reallusion Inc.) -- C:\Programme\Mozilla Firefox\plugins\rlcontentclass.dll
[2005.11.09 11:10:06 | 000,204,800 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\RLMusicPacker.dll
[2005.11.09 11:42:52 | 000,106,496 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\RLMusicUnpacker.dll
[2006.01.04 11:22:00 | 000,212,992 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\RLVoicePacker.dll
[2006.01.04 11:21:44 | 000,167,936 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\RLVoiceUnpacker.dll
[2007.07.20 12:47:44 | 000,981,170 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\sslsdk_b.dll
[2008.02.07 21:46:12 | 000,024,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\TcpPServ.dll
[2010.07.28 07:34:30 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.28 07:34:30 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.28 07:34:30 | 000,002,371 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\google.xml
[2010.07.28 07:34:30 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.28 07:34:30 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.28 07:34:30 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SAFE2009 File Redirection Starter] C:\Program Files\Steganos Safe 11\fredirstarter.exe (Steganos GmbH)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Programme\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Programme\PPLive\PPLive.exe ( )
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Programme\PPLive\PPLive.exe ( )
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{bbe389b2-09fc-11df-9f7a-001fe2d9960b}\Shell - "" = AutoRun
O33 - MountPoints2\{bbe389b2-09fc-11df-9f7a-001fe2d9960b}\Shell\AutoRun\command - "" = I:\setup.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.12.25 21:07:35 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.12.25 21:07:25 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\gray\Desktop\HJTInstall.exe
[2010.12.25 21:01:30 | 000,000,000 | ---D | C] -- C:\Users\gray\AppData\Roaming\Malwarebytes
[2010.12.25 21:01:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.25 21:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.25 21:01:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.25 21:01:24 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.25 20:54:57 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.12.25 20:54:33 | 002,107,888 | ---- | C] (Piriform Ltd) -- C:\Users\gray\Desktop\ccsetup302_slim.exe
[2010.12.25 20:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.12.25 20:04:05 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\8577434.sys
[2010.12.25 20:04:05 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\85774341.sys
[2010.12.25 20:04:05 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\85774342.sys
[2010.12.25 20:03:51 | 000,000,000 | ---D | C] -- C:\Users\gray\Desktop\7fix
[2010.12.17 13:49:32 | 000,000,000 | ---D | C] -- C:\Users\gray\Desktop\New Politics - New Politics - (2010)
[2010.12.15 21:49:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.15 21:48:44 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.15 21:48:44 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.15 21:48:44 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.15 21:48:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010.12.15 21:48:41 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.15 21:48:40 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.15 21:48:38 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2010.12.15 21:48:37 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.15 21:48:35 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.14 22:29:27 | 000,000,000 | ---D | C] -- C:\Users\gray\Desktop\Twin Shadow - 2010 - Forget [320]
[2010.12.14 21:52:53 | 000,000,000 | ---D | C] -- C:\Users\gray\AppData\Roaming\think-cell
[2010.12.14 17:28:44 | 000,000,000 | ---D | C] -- C:\Programme\think-cell
[2010.12.13 19:44:51 | 000,000,000 | ---D | C] -- C:\Users\gray\AppData\Roaming\Thunderbird
[2010.12.13 19:44:51 | 000,000,000 | ---D | C] -- C:\Users\gray\AppData\Local\Thunderbird
[2010.12.13 19:44:36 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2010.12.07 14:42:16 | 000,000,000 | ---D | C] -- C:\Users\gray\Desktop\Fistful Of Mercy - As I Call You Down (2010)
[2010.12.07 10:35:04 | 000,000,000 | ---D | C] -- C:\Users\gray\Documents\KONAMI
[2010.11.26 12:24:12 | 000,000,000 | ---D | C] -- C:\Users\gray\AppData\Local\SKIDROW
[2010.11.26 10:34:13 | 000,000,000 | ---D | C] -- C:\Users\gray\AppData\Local\My Games
[2010.11.26 10:26:53 | 000,000,000 | ---D | C] -- C:\Users\gray\Documents\My Games
[2010.03.21 17:33:01 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\gray\AppData\Roaming\pcouffin.sys
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.12.25 21:07:35 | 000,002,043 | ---- | M] () -- C:\Users\gray\Desktop\HijackThis.lnk
[2010.12.25 21:07:26 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\gray\Desktop\HJTInstall.exe
[2010.12.25 21:04:26 | 000,001,046 | ---- | M] () -- C:\Users\gray\Desktop\WindowsScan.zip
[2010.12.25 20:54:36 | 002,107,888 | ---- | M] (Piriform Ltd) -- C:\Users\gray\Desktop\ccsetup302_slim.exe
[2010.12.25 20:50:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.25 20:50:11 | 2817,048,576 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.25 20:47:24 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.25 20:44:09 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.25 20:44:09 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.25 20:44:09 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.25 20:44:09 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.25 19:51:01 | 000,014,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.25 19:51:01 | 000,014,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.25 19:45:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109447471-1612217452-1533662024-1000UA.job
[2010.12.25 19:13:29 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.24 23:45:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2109447471-1612217452-1533662024-1000Core.job
[2010.12.17 16:50:25 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.12.16 11:24:27 | 000,351,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.15 16:08:58 | 000,000,494 | ---- | M] () -- C:\Users\gray\Desktop\E.lnk
[2010.12.13 20:07:28 | 000,060,465 | ---- | M] () -- C:\Users\gray\Documents\Ausgabe_concerns.spv
[2010.12.13 16:36:11 | 000,067,117 | ---- | M] () -- C:\Users\gray\Documents\Ausgabe Calls-Bewertung.spv
[2010.12.10 16:45:40 | 000,090,337 | ---- | M] () -- C:\Users\gray\Documents\Ausgabe1.spv
[2010.12.02 11:51:54 | 000,010,752 | ---- | M] () -- C:\Users\gray\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.29 20:09:19 | 000,017,408 | ---- | M] () -- C:\Users\gray\AppData\Local\WebpageIcons.db
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.26 10:36:23 | 000,010,898 | ---- | M] () -- C:\Users\gray\Documents\R.docx
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.12.25 21:07:35 | 000,002,043 | ---- | C] () -- C:\Users\gray\Desktop\HijackThis.lnk
[2010.12.25 21:04:25 | 000,001,046 | ---- | C] () -- C:\Users\gray\Desktop\WindowsScan.zip
[2010.12.15 16:08:58 | 000,000,494 | ---- | C] () -- C:\Users\gray\Desktop\E.lnk
[2010.12.13 16:36:10 | 000,067,117 | ---- | C] () -- C:\Users\gray\Documents\Ausgabe Calls-Bewertung.spv
[2010.12.10 19:28:06 | 000,060,465 | ---- | C] () -- C:\Users\gray\Documents\Ausgabe_concerns.spv
[2010.12.10 16:45:40 | 000,090,337 | ---- | C] () -- C:\Users\gray\Documents\Ausgabe1.spv
[2010.11.18 15:34:47 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2010.11.18 15:34:47 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2010.11.18 15:34:47 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2010.11.18 15:32:24 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010.11.18 15:32:24 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.10.23 13:51:19 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2010.10.23 13:51:19 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2010.08.26 08:35:52 | 000,007,597 | ---- | C] () -- C:\Users\gray\AppData\Local\Resmon.ResmonCfg
[2010.05.21 22:40:56 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2010.05.13 20:54:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.30 17:35:06 | 000,000,071 | ---- | C] () -- C:\Windows\System32\ap_i2p.ini
[2010.03.21 18:16:10 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010.03.21 17:41:11 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.03.21 17:33:21 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo3.dll
[2010.03.21 17:33:16 | 000,000,033 | ---- | C] () -- C:\Users\gray\AppData\Roaming\pcouffin.log
[2010.03.21 17:33:01 | 000,087,608 | ---- | C] () -- C:\Users\gray\AppData\Roaming\inst.exe
[2010.03.21 17:33:01 | 000,007,887 | ---- | C] () -- C:\Users\gray\AppData\Roaming\pcouffin.cat
[2010.03.21 17:33:01 | 000,001,144 | ---- | C] () -- C:\Users\gray\AppData\Roaming\pcouffin.inf
[2010.03.10 12:21:36 | 000,010,752 | ---- | C] () -- C:\Users\gray\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.24 23:35:09 | 000,017,408 | ---- | C] () -- C:\Users\gray\AppData\Local\WebpageIcons.db
[2010.02.05 13:18:45 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.01.30 20:39:56 | 004,244,744 | ---- | C] () -- C:\Windows\System32\qtp-mt334.dll
[2010.01.30 20:39:56 | 000,247,560 | ---- | C] () -- C:\Windows\System32\prgiso.dll
[2010.01.30 20:39:56 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2010.01.30 20:35:16 | 000,000,000 | ---- | C] () -- C:\Users\gray\AppData\Roaming\downloads.m3u
[2010.01.30 20:17:53 | 000,000,190 | ---- | C] () -- C:\Users\gray\AppData\Roaming\default.rss
[2010.01.30 14:44:22 | 000,000,248 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010.01.27 21:22:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.01.27 21:22:43 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.01.27 21:22:43 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.01.27 21:22:42 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010.01.27 21:22:40 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.01.25 22:34:32 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.01.25 21:18:21 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2009.09.28 09:22:00 | 000,315,392 | ---- | C] () -- C:\Windows\System32\drivers\yk62x86.sys
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2007.08.16 05:23:28 | 000,040,960 | ---- | C] () -- C:\Windows\System32\gpyapi.dll
[2006.11.03 17:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.09.13 12:06:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\gtapi.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2010.01.27 17:05:40 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\CheckPoint
[2010.03.10 17:05:33 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\Citrix
[2010.01.25 23:33:25 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\DAEMON Tools Lite
[2010.02.01 22:56:10 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\Duden
[2010.07.22 17:27:15 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\gtk-2.0
[2010.03.10 16:21:39 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\ICAClient
[2010.12.25 16:40:38 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\ICQ
[2010.01.25 21:18:19 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\iolo
[2010.07.22 18:12:03 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\IrfanView
[2010.01.28 21:31:25 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\KoshyJohn.com
[2010.03.31 17:58:41 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\LibrariIcon
[2010.05.20 00:26:01 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\Steganos
[2010.01.30 19:29:25 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\StreamTorrent
[2010.12.14 21:52:53 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\think-cell
[2010.12.13 19:45:31 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\Thunderbird
[2010.01.27 08:08:35 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\TuneUp Software
[2010.12.25 19:25:13 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\uTorrent
[2010.03.21 17:36:08 | 000,000,000 | ---D | M] -- C:\Users\gray\AppData\Roaming\Vso
[2010.10.26 18:06:20 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010.12.25 19:04:05 | 1473,765,417 | ---- | M] ()(C:\Users\gray\Desktop\Buried.2010.?DRip.720p.mkv) -- C:\Users\gray\Desktop\Buried.2010.ВDRip.720p.mkv
[2010.12.25 16:54:58 | 000,000,000 | ---D | M](C:\Users\gray\Desktop\?????????? ??????????.???????????) -- C:\Users\gray\Desktop\Новогоднее настроение.Киноконцерт
[2010.12.25 16:54:48 | 000,000,000 | ---D | C](C:\Users\gray\Desktop\?????????? ??????????.???????????) -- C:\Users\gray\Desktop\Новогоднее настроение.Киноконцерт
[2010.12.25 16:50:30 | 1473,765,417 | ---- | C] ()(C:\Users\gray\Desktop\Buried.2010.?DRip.720p.mkv) -- C:\Users\gray\Desktop\Buried.2010.ВDRip.720p.mkv
[2010.12.23 22:21:37 | 000,000,000 | ---D | M](C:\Users\gray\Desktop\??-2 ? ????????????? ??????? ??? ?????? (2 CD) 2010 (MP3)) -- C:\Users\gray\Desktop\БИ-2 и Симфонический Оркестр МВД России (2 CD) 2010 (MP3)
[2010.12.23 22:21:34 | 000,000,000 | ---D | C](C:\Users\gray\Desktop\??-2 ? ????????????? ??????? ??? ?????? (2 CD) 2010 (MP3)) -- C:\Users\gray\Desktop\БИ-2 и Симфонический Оркестр МВД России (2 CD) 2010 (MP3)
[2010.12.16 01:07:34 | 000,000,000 | ---D | M](C:\Users\gray\Desktop\2010 - ?-????? - ????? ? ?????? [MP3]) -- C:\Users\gray\Desktop\2010 - Ю-Питер - Цветы и Тернии [MP3]
[2010.12.16 01:07:29 | 000,000,000 | ---D | C](C:\Users\gray\Desktop\2010 - ?-????? - ????? ? ?????? [MP3]) -- C:\Users\gray\Desktop\2010 - Ю-Питер - Цветы и Тернии [MP3]
[2010.12.07 11:47:27 | 000,000,000 | ---D | M](C:\Users\gray\Desktop\Dire Straits - ??????????? + ?????? ???????) -- C:\Users\gray\Desktop\Dire Straits - Дискография + Редкие Бутлеги
[2010.12.07 11:47:27 | 000,000,000 | ---D | C](C:\Users\gray\Desktop\Dire Straits - ??????????? + ?????? ???????) -- C:\Users\gray\Desktop\Dire Straits - Дискография + Редкие Бутлеги

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:63238B95

< End of report >

#2
gray36

    New Member

  • Topic Starter
  • Member
  • 3 posts
Still the same problem, any guesses? Here is the MBR report:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: XPS M1530
Logical Drives Mask: 0x0000013c

Kernel Drivers (total 231):
0x83447000 \SystemRoot\system32\ntkrnlpa.exe
0x83410000 \SystemRoot\system32\halmacpi.dll
0x80BC5000 \SystemRoot\system32\kdcom.dll
0x83A29000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x83AA1000 \SystemRoot\system32\PSHED.dll
0x83AB2000 \SystemRoot\system32\BOOTVID.dll
0x83ABA000 \SystemRoot\system32\CLFS.SYS
0x83AFC000 \SystemRoot\system32\CI.dll
0x8CC32000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8CCA3000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8CCB1000 \SystemRoot\System32\Drivers\spap.sys
0x8CDA4000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x8CDAD000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x83BA7000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8CDD3000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8CDDB000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x8CC00000 \SystemRoot\system32\DRIVERS\pci.sys
0x8CDE6000 \SystemRoot\System32\drivers\partmgr.sys
0x8CDF7000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x83BEF000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x83A00000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x8CE0A000 \SystemRoot\System32\drivers\volmgrx.sys
0x8CE55000 \SystemRoot\system32\DRIVERS\intelide.sys
0x8CE5C000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x8CE6A000 \SystemRoot\system32\drivers\hotcore3.sys
0x8CE6F000 \SystemRoot\System32\drivers\mountmgr.sys
0x8CE85000 \SystemRoot\system32\DRIVERS\atapi.sys
0x8CE8E000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x8CEB1000 \SystemRoot\system32\DRIVERS\msahci.sys
0x8CEBB000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x8CEC4000 \SystemRoot\system32\drivers\fltmgr.sys
0x8CEF8000 \SystemRoot\system32\drivers\fileinfo.sys
0x8D02C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8D15B000 \SystemRoot\System32\Drivers\msrpc.sys
0x8D186000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8D199000 \SystemRoot\System32\Drivers\cng.sys
0x8D000000 \SystemRoot\System32\drivers\pcw.sys
0x8D00E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8CF09000 \SystemRoot\system32\drivers\ndis.sys
0x8CFC0000 \SystemRoot\system32\drivers\NETIO.SYS
0x8D215000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8D23A000 \SystemRoot\System32\drivers\tcpip.sys
0x8D383000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8D3B4000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x8D3BD000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8D200000 \SystemRoot\System32\Drivers\spldr.sys
0x8D41B000 \SystemRoot\System32\drivers\rdyboost.sys
0x8D448000 \SystemRoot\System32\Drivers\mup.sys
0x8D458000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8D460000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8D492000 \SystemRoot\system32\DRIVERS\disk.sys
0x8D4A3000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8D4C8000 \SystemRoot\system32\DRIVERS\85774342.sys
0x8D508000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8D527000 \SystemRoot\system32\DRIVERS\8577434.sys
0x8D577000 \SystemRoot\System32\Drivers\Null.SYS
0x8D57E000 \SystemRoot\System32\Drivers\Beep.SYS
0x8D585000 \SystemRoot\System32\drivers\vga.sys
0x8D591000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8D5B2000 \SystemRoot\System32\drivers\watchdog.sys
0x8D5BF000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8D5C7000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8D5CF000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8D5D7000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8D5E2000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8D400000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8D5F0000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x83A10000 \SystemRoot\system32\DRIVERS\avfwot.sys
0x91E0A000 \SystemRoot\system32\drivers\afd.sys
0x91E64000 \SystemRoot\System32\DRIVERS\netbt.sys
0x91E96000 \SystemRoot\system32\DRIVERS\vsdatant.sys
0x91F1D000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x91F26000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x91F2D000 \SystemRoot\system32\DRIVERS\pacer.sys
0x91F4C000 \SystemRoot\system32\DRIVERS\vpcnfltr.sys
0x91F5C000 \SystemRoot\system32\DRIVERS\netbios.sys
0x91F6A000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x91F7D000 \SystemRoot\system32\drivers\vpcvmm.sys
0x91FC4000 \SystemRoot\system32\DRIVERS\termdd.sys
0x91FD4000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x91FDA000 \??\C:\Windows\system32\drivers\Sleen17.sys
0x91FF0000 \SystemRoot\System32\Drivers\SCDEmu.SYS
0x92228000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x92269000 \SystemRoot\system32\drivers\nsiproxy.sys
0x92273000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x9227D000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
0x92282000 \SystemRoot\System32\drivers\discache.sys
0x9228E000 \SystemRoot\system32\drivers\csc.sys
0x922F2000 \SystemRoot\System32\Drivers\dfsc.sys
0x9230A000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x92318000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x92334000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0x92A07000 \SystemRoot\system32\DRIVERS\85774341.sys
0x92F48000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x93408000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x93F02000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x93F04000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x93FBB000 \SystemRoot\System32\drivers\dxgmms1.sys
0x93FF4000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x92F5A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x92FA5000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x92FB4000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x92336000 \SystemRoot\system32\DRIVERS\yk62x86.sys
0x96234000 \SystemRoot\system32\DRIVERS\netw5v32.sys
0x96647000 \SystemRoot\system32\DRIVERS\1394ohci.sys
0x96673000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x9668C000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0x9669D000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0x966B1000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0x96703000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x9671B000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x96750000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x9675D000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x9676A000 \SystemRoot\System32\Drivers\ElbyDelay.sys
0x9676C000 \SystemRoot\System32\Drivers\astos0l3.SYS
0x967A5000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x967A9000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x967B2000 \SystemRoot\system32\DRIVERS\avfwim.sys
0x967C3000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x967D0000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x967E2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x96200000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x9620B000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x92FD3000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x92387000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x9239E000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x92FEB000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x9622D000 \SystemRoot\system32\DRIVERS\swenum.sys
0x923B5000 \SystemRoot\system32\DRIVERS\ks.sys
0x923E9000 \SystemRoot\system32\DRIVERS\umbus.sys
0x92200000 \SystemRoot\system32\DRIVERS\vpcusb.sys
0x92218000 \SystemRoot\system32\DRIVERS\usbrpm.sys
0x9622F000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x96837000 \SystemRoot\system32\DRIVERS\vpchbus.sys
0x9686D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x968B1000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x968C2000 \SystemRoot\system32\drivers\stwrt.sys
0x96917000 \SystemRoot\system32\drivers\portcls.sys
0x96946000 \SystemRoot\system32\drivers\drmk.sys
0x96989000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x969A0000 \SystemRoot\system32\DRIVERS\OEM02Dev.sys
0x969DA000 \SystemRoot\system32\DRIVERS\OEM02Vfx.sys
0x82560000 \SystemRoot\System32\win32k.sys
0x969DC000 \SystemRoot\System32\drivers\Dxapi.sys
0x969E6000 \SystemRoot\System32\Drivers\crashdmp.sys
0x969F3000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x96800000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x9680A000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x9681B000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x82C0E000 \SystemRoot\System32\Drivers\bthport.sys
0x82C72000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x82C96000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x82CA3000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x82CBE000 \SystemRoot\system32\DRIVERS\bthmodem.sys
0x82CD0000 \SystemRoot\system32\drivers\modem.sys
0x82CDD000 \SystemRoot\system32\DRIVERS\btwavdt.sys
0x82D43000 \SystemRoot\system32\drivers\btwaudio.sys
0x82DBE000 \SystemRoot\system32\DRIVERS\btwrchid.sys
0x82DC1000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x82DD4000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x82DDB000 \SystemRoot\system32\DRIVERS\monitor.sys
0x82DE6000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x82DF1000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x82C00000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x827C0000 \SystemRoot\System32\TSDDD.dll
0x82400000 \SystemRoot\System32\cdd.dll
0x9695F000 \SystemRoot\system32\drivers\luafv.sys
0x92F27000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x8D4D5000 \SystemRoot\system32\drivers\WudfPf.sys
0x9697A000 \SystemRoot\system32\DRIVERS\WinUSB.sys
0x9DE39000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x9DE5A000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x9DE6A000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x9DEB0000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x9DEC0000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x9DED3000 \SystemRoot\system32\drivers\HTTP.sys
0x9DF58000 \SystemRoot\system32\DRIVERS\bowser.sys
0x9DF71000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x9DF94000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x9DFCF000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9DE18000 \??\C:\Windows\system32\drivers\cpuz132_x32.sys
0xA382A000 \SystemRoot\system32\drivers\peauth.sys
0xA38C1000 \SystemRoot\System32\Drivers\secdrv.SYS
0xA38CB000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xA38EC000 \??\C:\Windows\system32\Drivers\SSPORT.sys
0xA38F3000 \SystemRoot\System32\drivers\tcpipreg.sys
0xA3900000 \SystemRoot\System32\DRIVERS\srv2.sys
0xA394F000 \SystemRoot\System32\DRIVERS\srv.sys
0xA39A0000 \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
0xA39A1000 \SystemRoot\System32\Drivers\fastfat.SYS
0xB969D000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x771E0000 \Windows\System32\ntdll.dll
0x47BC0000 \Windows\System32\smss.exe
0x77420000 \Windows\System32\apisetschema.dll
0x00510000 \Windows\System32\autochk.exe
0x10000000 \Program Files\DAEMON Tools Lite\Engine.dll
0x77370000 \Windows\System32\advapi32.dll
0x77180000 \Windows\System32\shlwapi.dll
0x77350000 \Windows\System32\sechost.dll
0x77340000 \Windows\System32\psapi.dll
0x770B0000 \Windows\System32\msctf.dll
0x76F50000 \Windows\System32\ole32.dll
0x76EA0000 \Windows\System32\msvcrt.dll
0x76D00000 \Windows\System32\setupapi.dll
0x76CA0000 \Windows\System32\difxapi.dll
0x76C60000 \Windows\System32\ws2_32.dll
0x76A60000 \Windows\System32\iertutil.dll
0x77320000 \Windows\System32\imm32.dll
0x769C0000 \Windows\System32\usp10.dll
0x76880000 \Windows\System32\urlmon.dll
0x76830000 \Windows\System32\Wldap32.dll
0x76750000 \Windows\System32\kernel32.dll
0x76740000 \Windows\System32\lpk.dll
0x766F0000 \Windows\System32\gdi32.dll
0x76660000 \Windows\System32\oleaut32.dll
0x765E0000 \Windows\System32\comdlg32.dll
0x765D0000 \Windows\System32\nsi.dll
0x764D0000 \Windows\System32\wininet.dll
0x76440000 \Windows\System32\clbcatq.dll
0x76370000 \Windows\System32\user32.dll
0x75720000 \Windows\System32\shell32.dll
0x75710000 \Windows\System32\normaliz.dll
0x75660000 \Windows\System32\rpcrt4.dll
0x75630000 \Windows\System32\imagehlp.dll
0x755E0000 \Windows\System32\KernelBase.dll
0x75550000 \Windows\System32\comctl32.dll
0x75520000 \Windows\System32\cfgmgr32.dll
0x754F0000 \Windows\System32\wintrust.dll
0x754D0000 \Windows\System32\devobj.dll
0x753B0000 \Windows\System32\crypt32.dll
0x753A0000 \Windows\System32\msasn1.dll

Processes (total 64):
0 System Idle Process
4 System
300 C:\Windows\System32\smss.exe
436 csrss.exe
496 C:\Windows\System32\wininit.exe
508 csrss.exe
552 C:\Windows\System32\services.exe
568 C:\Windows\System32\lsass.exe
576 C:\Windows\System32\lsm.exe
680 C:\Windows\System32\svchost.exe
764 C:\Windows\System32\nvvsvc.exe
804 C:\Windows\System32\svchost.exe
864 C:\Windows\System32\svchost.exe
896 C:\Windows\System32\svchost.exe
936 C:\Windows\System32\svchost.exe
1000 C:\Windows\System32\winlogon.exe
1164 C:\Windows\System32\svchost.exe
1288 C:\Windows\System32\nvvsvc.exe
1348 WUDFHost.exe
1408 C:\Windows\System32\svchost.exe
1464 C:\Windows\System32\ZoneLabs\vsmon.exe
1620 C:\Windows\System32\dwm.exe
1876 C:\Windows\System32\taskhost.exe
1916 C:\Windows\System32\spoolsv.exe
2036 C:\Program Files\Avira\AntiVir Desktop\sched.exe
216 C:\Windows\System32\svchost.exe
1448 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_24288096a5cd99f6\AEstSrv.exe
1592 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1936 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_24288096a5cd99f6\stacsv.exe
620 C:\Windows\System32\svchost.exe
1656 C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
2108 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2124 C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
2388 C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
2408 C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
2476 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
2592 C:\Windows\System32\SearchIndexer.exe
2660 C:\Windows\System32\svchost.exe
2688 C:\Windows\System32\svchost.exe
2928 C:\Windows\System32\svchost.exe
3116 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
3124 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
3136 C:\Program Files\Steganos Safe 11\fredirstarter.exe
3144 C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
3204 C:\Program Files\DellTPad\Apoint.exe
3296 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
3480 C:\Program Files\DellTPad\ApMsgFwd.exe
3568 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
3608 C:\Program Files\DellTPad\hidfind.exe
3656 C:\Program Files\DellTPad\ApntEx.exe
3696 C:\Windows\System32\conhost.exe
3912 C:\Windows\System32\SearchProtocolHost.exe
2800 C:\Program Files\Windows Media Player\wmpnetwk.exe
3440 C:\Program Files\Avira\AntiVir Desktop\avscan.exe
2812 C:\Program Files\Avira\AntiVir Desktop\avscan.exe
4072 C:\Windows\System32\svchost.exe
3528 C:\Program Files\Windows Media Player\wmpnscfg.exe
3352 C:\Windows\System32\taskmgr.exe
3420 C:\Windows\System32\svchost.exe
3504 C:\Windows\explorer.exe
1520 C:\Windows\System32\svchost.exe
2700 C:\Users\gray\Desktop\7fix\MBRCheck.exe
1336 C:\Windows\System32\conhost.exe
3072 C:\Windows\System32\SearchFilterHost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000005`ccc1d600 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000033`7006d400 (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000000`07e00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS543232L9A300, Rev: FB4OC40C

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows Vista MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!