Ein kritischer Fehler ist aufgetreten, Windows wird in einer Minute neu gestartet
Hallo, und auch ich habe dieses Problem, ich habe nun wie beim Kollegen vom 16.8 alle Log Dateien erstellt, in der Hoffnung, dass mir auch weitergeholfen werden kann. Nochmal die kurzfassung, habe mir wohl nen Trojaner eingefangen, es kam immer die Meldung der PC sei infiziert, egal was ich geöffnet habe. Antimalware Doctor etc waren auf dem PC... ich hoffe dass diese nun weg sind. Naja und Wie wohl schon bekannt, sobald der Lan Stecker drin ist kommt die oben genannte Meldung und der PC startet neu. Bitte um eure Hilfe. Vielen Dank
HijackThis Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:02:59, on 29.08.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\fudgi\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6522
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: C:\Windows\system32\g3rbzl2.dll - {B1BA40A2-75F2-51BD-F413-04B13A2C8953} - C:\Windows\system32\g3rbzl2.dll (file missing)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\fudgi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\fudgi\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Policies\Explorer\Run: [2nvtu0] C:\Users\fudgi\AppData\Local\Temp\ui15cr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data\AntiVirus\AVK\AVKService.exe
O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Program Files\G Data\AntiVirus\AVK\AVKWCtl.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files\GNU\GnuPG\dirmngr.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
--
End of file - 6900 bytes
OTL Log Code:
OTL logfile created on: 29.08.2010 12:07:57 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\fudgi\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,31 Gb Total Space | 2,61 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 69,77 Gb Total Space | 8,47 Gb Free Space | 12,14% Space Free | Partition Type: NTFS
Drive F: | 56,53 Gb Total Space | 9,03 Gb Free Space | 15,97% Space Free | Partition Type: NTFS
Drive G: | 22,75 Gb Total Space | 0,70 Gb Free Space | 3,10% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 1,86 Gb Total Space | 1,16 Gb Free Space | 62,39% Space Free | Partition Type: FAT
Drive Z: | 441,34 Gb Total Space | 133,37 Gb Free Space | 30,22% Space Free | Partition Type: NTFS
Computer Name: FUDGI-PC
Current User Name: fudgi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\fudgi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Programme\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Programme\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Programme\GNU\GnuPG\dirmngr.exe ()
PRC - C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG)
PRC - C:\Programme\Brother\ControlCenter3\BrccMCtl.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Foxit Software\Foxit Reader\Foxit Reader.exe ()
PRC - C:\Programme\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Windows\System32\brss01a.exe (brother Industries Ltd)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.)
PRC - C:\Users\fudgi\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
PRC - C:\Windows\System32\brsvc01a.exe (brother Industries Ltd)
========== Modules (SafeList) ==========
MOD - C:\Users\fudgi\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (GDScan) -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (DirMngr) -- C:\Program Files\GNU\GnuPG\dirmngr.exe ()
SRV - (AVKProxy) -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (AVKService) -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AVKWCtl) -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (osppsvc) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Brother XP spl Service) -- C:\Windows\System32\brsvc01a.exe (brother Industries Ltd)
========== Driver Services (SafeList) ==========
DRV - (ALSysIO) -- C:\Users\fudgi\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (GRD) -- C:\Windows\System32\drivers\GRD.sys (G Data Software)
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G Data Software AG)
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (GDBehave) -- C:\Windows\system32\drivers\GDBehave.sys (G Data Software AG)
DRV - (gdwfpcd) -- C:\Windows\System32\drivers\gdwfpcd32.sys (G DATA Software AG)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC E9 8E 48 4E 3D CB 01 [binary data]
IE - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.6
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.25 19:13:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.18 10:36:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.08.01 17:05:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.03.03 04:31:41 | 000,000,000 | ---D | M]
[2010.04.25 19:13:09 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\mozilla\Extensions
[2010.02.13 17:20:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fudgi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.07.06 17:21:54 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\mozilla\Firefox\Profiles\34xxeldv.default\extensions
[2010.04.25 19:14:07 | 000,000,000 | ---D | M] (Modify Headers) -- C:\Users\fudgi\AppData\Roaming\mozilla\Firefox\Profiles\34xxeldv.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}
[2010.08.29 02:25:26 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.08.29 02:25:26 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.08.28 22:05:17 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (C:\Windows\system32\g3rbzl2.dll) - {B1BA40A2-75F2-51BD-F413-04B13A2C8953} - C:\Windows\System32\g3rbzl2.dll File not found
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\AntiVirus\Webfilter\AvkWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe File not found
O4 - HKU\S-1-5-21-344238117-2985730186-2944176282-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-344238117-2985730186-2944176282-1001..\Run: [Octoshape Streaming Services] C:\Users\fudgi\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 2nvtu0 = C:\Users\fudgi\AppData\Local\Temp\ui15cr.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-344238117-2985730186-2944176282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8fa8654d-0c76-11df-a781-001e8c1f79b5}\Shell - "" = AutoRun
O33 - MountPoints2\{8fa8654d-0c76-11df-a781-001e8c1f79b5}\Shell\AutoRun\command - "" = J:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{ace01b18-1c25-11df-a3de-001e8c1f79b5}\Shell - "" = AutoRun
O33 - MountPoints2\{ace01b18-1c25-11df-a3de-001e8c1f79b5}\Shell\AutoRun\command - "" = H:\SETUP.EXE -- File not found
O33 - MountPoints2\{ace01b18-1c25-11df-a3de-001e8c1f79b5}\Shell\configure\command - "" = H:\SETUP.EXE -- File not found
O33 - MountPoints2\{ace01b18-1c25-11df-a3de-001e8c1f79b5}\Shell\install\command - "" = H:\SETUP.EXE -- File not found
O33 - MountPoints2\{ed96028a-0c5c-11df-aee9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ed96028a-0c5c-11df-aee9-806e6f6e6963}\Shell\AutoRun\command - "" = Y:\AUTOPLAY.EXE id=10000017000003000036 ver=1.0.0.0 -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
MsConfig - StartUpFolder: C:^Users^fudgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Antimalware Doctor.lnk - C:\Users\fudgi\AppData\Roaming\17598169F3609228271747FA321FC526\mediafix70700en02.exe - File not found
MsConfig - StartUpReg: 20W6RLKX65 - hkey= - key= - C:\Users\fudgi\AppData\Local\Temp\Kqr.exe File not found
MsConfig - StartUpReg: bfrhvhdl - hkey= - key= - C:\Users\fudgi\AppData\Local\fpfxijqof\circmmishdw.exe File not found
MsConfig - StartUpReg: bipro - hkey= - key= - C:\Windows\$NtUninstallMTF1011$\mmduch.DLL File not found
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: EWABQAF7KL - hkey= - key= - C:\Users\fudgi\AppData\Local\Temp\Kqr.exe File not found
MsConfig - StartUpReg: hse897ifdsjf98u3heuidhfdd - hkey= - key= - C:\Users\fudgi\AppData\Local\Temp\wnnf9zt40.exe File not found
MsConfig - StartUpReg: igigkyxx - hkey= - key= - C:\Users\fudgi\AppData\Local\vcmyiqdvn\cawxhqqshdw.exe File not found
MsConfig - StartUpReg: kcpvdifa - hkey= - key= - C:\Users\fudgi\AppData\Local\kpoxiaqfe\cqppwgdshdw.exe File not found
MsConfig - StartUpReg: mediafix70700en02.exe - hkey= - key= - C:\Users\fudgi\AppData\Roaming\17598169F3609228271747FA321FC526\mediafix70700en02.exe File not found
MsConfig - StartUpReg: morxnsacwe.exe - hkey= - key= - C:\Users\fudgi\AppData\Local\Temp\morxnsacwe.exe File not found
MsConfig - StartUpReg: NetLog2 - hkey= - key= - C:\Windows\svc2.exe File not found
MsConfig - StartUpReg: Speech Recognition - hkey= - key= - C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
MsConfig - StartUpReg: XBV6RD5SZF - hkey= - key= - C:\Users\fudgi\AppData\Local\Temp\Kqs.exe File not found
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootMin: Primary disk - Driver Group
SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.divxa32 - C:\Windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
========== Files/Folders - Created Within 30 Days ==========
[2010.08.29 12:05:44 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\fudgi\Desktop\OTL.exe
[2010.08.29 12:02:07 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.08.29 03:51:10 | 000,000,000 | ---D | C] -- C:\Users\fudgi\AppData\Roaming\Malwarebytes
[2010.08.29 03:50:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.29 03:50:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.29 03:50:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.29 03:50:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.29 02:29:15 | 000,029,992 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2010.08.29 02:25:28 | 000,038,856 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2010.08.29 02:25:24 | 000,061,512 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2010.08.29 02:25:24 | 000,033,480 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2010.08.29 02:25:23 | 000,040,904 | ---- | C] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2010.08.29 02:25:15 | 000,000,000 | ---D | C] -- C:\Programme\G Data
[2010.08.29 02:25:15 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\G Data
[2010.08.29 02:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2010.08.29 00:48:47 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.08.28 22:14:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.08.28 21:49:21 | 000,187,392 | ---- | C] (OpenSC Project) -- C:\Windows\Kriced.exe
[2010.08.28 21:47:06 | 000,000,000 | ---D | C] -- C:\Users\fudgi\AppData\Local\Octoshape
[2010.08.28 21:44:47 | 000,187,392 | ---- | C] (OpenSC Project) -- C:\Windows\Kricec.exe
[2010.08.28 21:44:31 | 000,187,392 | ---- | C] (OpenSC Project) -- C:\Windows\Kriceb.exe
[2010.08.28 21:40:49 | 000,187,392 | ---- | C] (OpenSC Project) -- C:\Windows\Kricea.exe
[2010.08.28 21:40:30 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%USERPROFILE%
[2010.08.28 21:40:13 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010.08.28 21:39:57 | 000,000,000 | ---D | C] -- C:\Users\fudgi\AppData\Local\Windows Server
[2010.08.22 01:35:07 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live Safety Center
========== Files - Modified Within 30 Days ==========
[2010.08.29 12:12:04 | 002,359,296 | -HS- | M] () -- C:\Users\fudgi\NTUSER.DAT
[2010.08.29 12:11:15 | 000,787,456 | ---- | M] () -- C:\Windows\System32\drivers\cxcca.sys
[2010.08.29 12:09:31 | 001,480,602 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.29 12:09:31 | 000,647,138 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.29 12:09:31 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.29 12:09:31 | 000,127,198 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.29 12:09:31 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.29 12:06:08 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.29 12:06:08 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.29 12:02:07 | 000,002,039 | ---- | M] () -- C:\Users\fudgi\Desktop\HijackThis.lnk
[2010.08.29 12:01:13 | 000,001,843 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2010.08.29 12:01:08 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010.08.29 12:01:07 | 000,000,021 | ---- | M] () -- C:\Windows\S.dirmngr
[2010.08.29 12:01:04 | 001,048,576 | -HS- | M] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.2.regtrans-ms
[2010.08.29 12:01:04 | 001,048,576 | -HS- | M] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.1.regtrans-ms
[2010.08.29 12:01:04 | 001,048,576 | -HS- | M] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.0.regtrans-ms
[2010.08.29 12:01:04 | 000,065,536 | -HS- | M] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.blf
[2010.08.29 12:01:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.29 12:00:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.29 12:00:42 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.29 11:45:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\fudgi\Desktop\OTL.exe
[2010.08.29 05:06:50 | 001,534,761 | -H-- | M] () -- C:\Users\fudgi\AppData\Local\IconCache.db
[2010.08.29 04:16:08 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-344238117-2985730186-2944176282-1001UA.job
[2010.08.29 03:50:30 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.29 02:29:15 | 000,029,992 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2010.08.29 02:25:28 | 000,038,856 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2010.08.29 02:25:27 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus 2011.lnk
[2010.08.29 02:25:24 | 000,061,512 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2010.08.29 02:25:24 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2010.08.29 02:25:23 | 000,040,904 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2010.08.29 02:16:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-344238117-2985730186-2944176282-1001Core.job
[2010.08.28 21:52:39 | 000,000,198 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010.08.28 21:40:47 | 000,187,392 | ---- | M] (OpenSC Project) -- C:\Windows\Kriced.exe
[2010.08.28 21:40:47 | 000,187,392 | ---- | M] (OpenSC Project) -- C:\Windows\Kricec.exe
[2010.08.28 21:40:43 | 000,187,392 | ---- | M] (OpenSC Project) -- C:\Windows\Kriceb.exe
[2010.08.28 21:40:40 | 000,187,392 | ---- | M] (OpenSC Project) -- C:\Windows\Kricea.exe
[2010.08.28 08:01:00 | 050,000,000 | ---- | M] () -- C:\mom-wiitard.r89
[2010.08.24 01:27:25 | 001,078,429 | ---- | M] () -- C:\Users\fudgi\Desktop\Barnitos_Softmod_v0.9.pdf
[2010.08.23 18:25:26 | 002,061,393 | ---- | M] () -- C:\Users\fudgi\Documents\heroes.wma
[2010.08.23 18:22:07 | 000,570,713 | ---- | M] () -- C:\Users\fudgi\Desktop\Unbenannt.wma
[2010.08.23 18:11:03 | 002,564,273 | ---- | M] () -- C:\Users\fudgi\Desktop\blah.wma
[2010.08.23 00:54:56 | 000,101,260 | ---- | M] () -- C:\Users\fudgi\Desktop\desktop.jpg
[2010.08.22 18:41:56 | 000,100,199 | ---- | M] () -- C:\Users\fudgi\Desktop\joachim.jpg
[2010.08.22 18:39:11 | 000,021,076 | ---- | M] () -- C:\Users\fudgi\Desktop\7B9.jpg
[2010.08.22 01:34:21 | 018,250,890 | ---- | M] () -- C:\Users\fudgi\Desktop\daniel.zip
[2010.08.22 01:33:05 | 018,063,988 | ---- | M] () -- C:\Users\fudgi\Desktop\daniel.rar
[2010.08.22 00:02:47 | 000,050,073 | ---- | M] () -- C:\Users\fudgi\Desktop\3806813.s44170954.1c2b73e212c9.jpg
[2010.08.21 23:58:21 | 001,182,184 | ---- | M] () -- C:\Users\fudgi\Desktop\CIMG0791.jpg
[2010.08.21 12:16:21 | 000,002,397 | ---- | M] () -- C:\Users\fudgi\Desktop\Google Chrome.lnk
[2010.08.17 01:19:03 | 000,190,497 | ---- | M] () -- C:\Users\fudgi\Desktop\06082010458.jpeg
[2010.08.16 21:08:28 | 000,069,854 | ---- | M] () -- C:\Users\fudgi\Desktop\picture00259.jpg
[2010.08.16 18:12:29 | 000,069,539 | ---- | M] () -- C:\Users\fudgi\Desktop\ATT02840.jpg
[2010.08.16 17:58:11 | 000,025,066 | ---- | M] () -- C:\Users\fudgi\Desktop\ATT03965.jpg
[2010.08.16 17:55:10 | 004,782,208 | ---- | M] () -- C:\wiixx.dol
[2010.08.16 17:52:56 | 000,049,091 | ---- | M] () -- C:\Users\fudgi\Desktop\picture142.jpg
[2010.08.16 17:52:48 | 000,045,419 | ---- | M] () -- C:\Users\fudgi\Desktop\picture00315.jpg
[2010.08.16 17:52:39 | 000,192,536 | ---- | M] () -- C:\Users\fudgi\Desktop\03072010299.jpeg
[2010.08.16 17:51:24 | 000,036,651 | ---- | M] () -- C:\Users\fudgi\Desktop\picture133.jpg
[2010.08.16 17:50:54 | 002,812,922 | ---- | M] () -- C:\Users\fudgi\Desktop\Video100.avi
[2010.08.16 17:48:32 | 000,036,066 | ---- | M] () -- C:\Users\fudgi\Desktop\n1110930796_289982_2174.jpg
[2010.08.12 18:46:53 | 000,053,475 | ---- | M] () -- C:\Users\fudgi\Desktop\R01.jpg
[2010.08.12 18:14:22 | 000,050,706 | ---- | M] () -- C:\Users\fudgi\Desktop\programm-Aug.pdf
[2010.08.12 17:37:15 | 000,066,022 | ---- | M] () -- C:\Users\fudgi\Desktop\scat6.jpg
[2010.08.12 17:36:55 | 000,244,483 | ---- | M] () -- C:\Users\fudgi\Desktop\DSCI0051a.jpg
[2010.08.12 17:35:43 | 000,209,244 | ---- | M] () -- C:\Users\fudgi\Desktop\DSCI0053a.jpg
[2010.08.12 17:35:39 | 000,273,806 | ---- | M] () -- C:\Users\fudgi\Desktop\DSCI0052a.jpg
[2010.08.12 17:30:48 | 000,242,641 | ---- | M] () -- C:\Users\fudgi\Desktop\DSCI0056a.jpg
[2010.08.12 17:30:40 | 000,227,249 | ---- | M] () -- C:\Users\fudgi\Desktop\DSCI0055a.jpg
[2010.08.12 17:30:17 | 000,270,167 | ---- | M] () -- C:\Users\fudgi\Desktop\DSCI0054a.jpg
[2010.08.04 01:33:08 | 001,936,320 | ---- | M] () -- C:\Users\fudgi\Desktop\DSCI0050a.avi
========== Files Created - No Company Name ==========
[2010.08.29 12:02:07 | 000,002,039 | ---- | C] () -- C:\Users\fudgi\Desktop\HijackThis.lnk
[2010.08.29 12:01:04 | 001,048,576 | -HS- | C] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.2.regtrans-ms
[2010.08.29 12:01:04 | 001,048,576 | -HS- | C] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.1.regtrans-ms
[2010.08.29 12:01:04 | 001,048,576 | -HS- | C] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.0.regtrans-ms
[2010.08.29 12:01:04 | 000,065,536 | -HS- | C] () -- C:\Users\fudgi\NTUSER.DAT{6cced2f0-6e01-11de-8bed-001e0bcd1824}.TxR.blf
[2010.08.29 05:04:29 | 000,000,021 | ---- | C] () -- C:\Windows\S.dirmngr
[2010.08.29 03:50:30 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.29 02:25:27 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\G Data AntiVirus 2011.lnk
[2010.08.28 21:41:18 | 000,787,456 | ---- | C] () -- C:\Windows\System32\drivers\cxcca.sys
[2010.08.28 21:40:53 | 000,000,286 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010.08.28 17:42:30 | 050,000,000 | ---- | C] () -- C:\mom-wiitard.r89
[2010.08.24 01:27:24 | 001,078,429 | ---- | C] () -- C:\Users\fudgi\Desktop\Barnitos_Softmod_v0.9.pdf
[2010.08.23 18:25:26 | 002,061,393 | ---- | C] () -- C:\Users\fudgi\Documents\heroes.wma
[2010.08.23 18:22:07 | 000,570,713 | ---- | C] () -- C:\Users\fudgi\Desktop\Unbenannt.wma
[2010.08.23 18:11:03 | 002,564,273 | ---- | C] () -- C:\Users\fudgi\Desktop\blah.wma
[2010.08.23 00:54:56 | 000,101,260 | ---- | C] () -- C:\Users\fudgi\Desktop\desktop.jpg
[2010.08.22 18:41:56 | 000,100,199 | ---- | C] () -- C:\Users\fudgi\Desktop\joachim.jpg
[2010.08.22 18:39:13 | 000,021,076 | ---- | C] () -- C:\Users\fudgi\Desktop\7B9.jpg
[2010.08.22 01:34:18 | 018,250,890 | ---- | C] () -- C:\Users\fudgi\Desktop\daniel.zip
[2010.08.22 01:32:55 | 018,063,988 | ---- | C] () -- C:\Users\fudgi\Desktop\daniel.rar
[2010.08.22 01:32:37 | 017,586,176 | ---- | C] () -- C:\Users\fudgi\Desktop\daniel.avi
[2010.08.22 00:02:47 | 000,050,073 | ---- | C] () -- C:\Users\fudgi\Desktop\3806813.s44170954.1c2b73e212c9.jpg
[2010.08.21 23:58:23 | 001,182,184 | ---- | C] () -- C:\Users\fudgi\Desktop\CIMG0791.jpg
[2010.08.17 01:19:02 | 000,190,497 | ---- | C] () -- C:\Users\fudgi\Desktop\06082010458.jpeg
[2010.08.16 17:59:23 | 000,069,539 | ---- | C] () -- C:\Users\fudgi\Desktop\ATT02840.jpg
[2010.08.16 17:58:11 | 000,025,066 | ---- | C] () -- C:\Users\fudgi\Desktop\ATT03965.jpg
[2010.08.16 17:58:03 | 000,069,854 | ---- | C] () -- C:\Users\fudgi\Desktop\picture00259.jpg
[2010.08.16 17:55:10 | 004,782,208 | ---- | C] () -- C:\wiixx.dol
[2010.08.16 17:52:55 | 000,049,091 | ---- | C] () -- C:\Users\fudgi\Desktop\picture142.jpg
[2010.08.16 17:52:48 | 000,045,419 | ---- | C] () -- C:\Users\fudgi\Desktop\picture00315.jpg
[2010.08.16 17:52:38 | 000,192,536 | ---- | C] () -- C:\Users\fudgi\Desktop\03072010299.jpeg
[2010.08.16 17:51:23 | 000,036,651 | ---- | C] () -- C:\Users\fudgi\Desktop\picture133.jpg
[2010.08.16 17:50:53 | 002,812,922 | ---- | C] () -- C:\Users\fudgi\Desktop\Video100.avi
[2010.08.16 17:48:31 | 000,036,066 | ---- | C] () -- C:\Users\fudgi\Desktop\n1110930796_289982_2174.jpg
[2010.08.12 18:46:52 | 000,053,475 | ---- | C] () -- C:\Users\fudgi\Desktop\R01.jpg
[2010.08.12 18:14:21 | 000,050,706 | ---- | C] () -- C:\Users\fudgi\Desktop\programm-Aug.pdf
[2010.08.12 17:36:54 | 000,244,483 | ---- | C] () -- C:\Users\fudgi\Desktop\DSCI0051a.jpg
[2010.08.12 17:35:42 | 000,209,244 | ---- | C] () -- C:\Users\fudgi\Desktop\DSCI0053a.jpg
[2010.08.12 17:35:38 | 000,273,806 | ---- | C] () -- C:\Users\fudgi\Desktop\DSCI0052a.jpg
[2010.08.12 17:30:47 | 000,242,641 | ---- | C] () -- C:\Users\fudgi\Desktop\DSCI0056a.jpg
[2010.08.12 17:30:39 | 000,227,249 | ---- | C] () -- C:\Users\fudgi\Desktop\DSCI0055a.jpg
[2010.08.12 17:30:15 | 000,270,167 | ---- | C] () -- C:\Users\fudgi\Desktop\DSCI0054a.jpg
[2010.08.04 01:33:07 | 001,936,320 | ---- | C] () -- C:\Users\fudgi\Desktop\DSCI0050a.avi
[2010.07.11 15:41:18 | 000,006,504 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2010.07.11 15:40:16 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2010.07.11 15:40:16 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2010.07.11 15:40:14 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2010.07.11 15:40:14 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2010.07.09 13:11:58 | 000,000,095 | ---- | C] () -- C:\Windows\wininit.ini
[2010.07.06 21:55:42 | 000,000,051 | ---- | C] () -- C:\Windows\wdopAutoSort.INI
[2010.06.28 13:00:58 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2010.06.20 16:59:20 | 000,000,946 | ---- | C] () -- C:\Users\fudgi\AppData\Local\7F68A003.il
[2010.06.20 16:59:20 | 000,000,280 | ---- | C] () -- C:\Users\fudgi\AppData\Local\IndexIE_7F68A003.il
[2010.03.16 00:22:06 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.03.16 00:22:06 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.02.18 02:15:43 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.02.08 16:26:08 | 000,000,030 | ---- | C] () -- C:\Windows\System32\brss01a.ini
[2010.02.08 16:26:07 | 000,000,468 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.02.08 16:26:07 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.01.29 01:36:17 | 000,015,360 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== LOP Check ==========
[2010.04.23 16:39:34 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Ashampoo
[2010.02.18 02:40:15 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\DAEMON Tools Lite
[2010.08.16 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\gnupg
[2010.06.04 01:37:29 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\GrabIt
[2010.07.06 17:21:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\GrabPro
[2010.07.06 17:20:24 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Gutscheinmieze
[2010.01.29 01:21:21 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Helios
[2010.07.21 00:26:42 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\ICQ
[2010.05.18 15:45:58 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\IrfanView
[2010.06.23 22:40:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\NewsLeecher
[2010.05.29 21:43:23 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Octoshape
[2010.03.08 05:25:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Opera
[2010.08.29 12:01:13 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Orbit
[2010.06.10 18:21:36 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\PixelPlanet
[2010.07.09 12:40:47 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\QuickScan
[2010.07.01 13:09:00 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Subversion
[2010.02.13 17:20:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Thunderbird
[2010.06.30 02:45:37 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\UseNeXT
[2010.01.29 01:38:59 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\VanDyke
[2009.07.14 06:53:46 | 000,013,732 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.08.29 12:01:08 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010.08.28 21:52:39 | 000,000,198 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.01.29 02:27:27 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Adobe
[2010.04.23 16:39:34 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Ashampoo
[2010.02.08 16:33:19 | 000,000,000 | R--D | M] -- C:\Users\fudgi\AppData\Roaming\Brother
[2010.02.18 02:40:15 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\DAEMON Tools Lite
[2010.07.02 02:05:51 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\DivX
[2010.08.02 02:43:11 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\dvdcss
[2010.08.16 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\gnupg
[2010.06.04 01:37:29 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\GrabIt
[2010.07.06 17:21:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\GrabPro
[2010.01.29 03:25:59 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\GRETECH
[2010.07.06 17:20:24 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Gutscheinmieze
[2010.01.29 01:21:21 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Helios
[2010.07.21 00:26:42 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\ICQ
[2010.01.29 00:40:56 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Identities
[2010.02.08 16:25:04 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\InstallShield
[2010.05.18 15:45:58 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\IrfanView
[2010.01.29 02:27:27 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Macromedia
[2010.08.29 03:51:10 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Malwarebytes
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Media Center Programs
[2010.08.23 18:12:13 | 000,000,000 | --SD | M] -- C:\Users\fudgi\AppData\Roaming\Microsoft
[2010.03.26 18:57:19 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Move Networks
[2010.05.29 21:43:23 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Mozilla
[2010.06.23 22:40:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\NewsLeecher
[2010.05.29 21:43:23 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Octoshape
[2010.03.08 05:25:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Opera
[2010.08.29 12:01:13 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Orbit
[2010.06.10 18:21:36 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\PixelPlanet
[2010.07.09 12:40:47 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\QuickScan
[2010.06.19 11:46:08 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Skype
[2010.06.19 08:01:01 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\skypePM
[2010.07.01 13:09:00 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Subversion
[2010.02.13 17:20:52 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Thunderbird
[2010.07.01 14:13:05 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\TortoiseSVN
[2010.06.30 02:45:37 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\UseNeXT
[2010.01.29 01:38:59 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\VanDyke
[2010.08.02 04:30:51 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\vlc
[2010.04.21 19:55:09 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\Winamp
[2010.07.11 16:15:57 | 000,000,000 | ---D | M] -- C:\Users\fudgi\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\fudgi\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2010.06.10 18:38:28 | 000,149,360 | R--- | M] (Acresso Software Inc.) -- C:\Users\fudgi\AppData\Roaming\Microsoft\Installer\{A3A61264-B075-46BE-9C97-376EA4CEEEF5}\ARPPRODUCTICON.exe
[2010.06.10 18:38:28 | 000,149,360 | R--- | M] (Acresso Software Inc.) -- C:\Users\fudgi\AppData\Roaming\Microsoft\Installer\{A3A61264-B075-46BE-9C97-376EA4CEEEF5}\NewShortcut11_1B47E40F0FE04A059EF1DDA8922D0BA2.exe
[2010.06.10 18:38:28 | 000,149,360 | R--- | M] (Acresso Software Inc.) -- C:\Users\fudgi\AppData\Roaming\Microsoft\Installer\{A3A61264-B075-46BE-9C97-376EA4CEEEF5}\NewShortcut1_367DA4EF0C9243128CC33655B17DC263.exe
[2010.06.10 18:38:28 | 000,067,440 | R--- | M] (Acresso Software Inc.) -- C:\Users\fudgi\AppData\Roaming\Microsoft\Installer\{A3A61264-B075-46BE-9C97-376EA4CEEEF5}\NewShortcut2_DD172C74541145868246ADE181F1051F.exe
[2010.06.10 18:28:23 | 000,059,368 | R--- | M] (Acresso Software Inc.) -- C:\Users\fudgi\AppData\Roaming\Microsoft\Installer\{D66DBB4B-3E39-4DE9-833E-423EB0DE247C}\ARPPRODUCTICON.exe
[2010.03.26 18:57:19 | 000,144,053 | ---- | M] () -- C:\Users\fudgi\AppData\Roaming\Move Networks\uninstall.exe
[2010.02.11 21:31:38 | 000,097,216 | ---- | M] () -- C:\Users\fudgi\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2009.01.08 15:44:06 | 000,070,936 | ---- | M] (Octoshape ApS) -- C:\Users\fudgi\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.08.29 12:16:21 | 000,787,456 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\cxcca.sys
[2010.02.18 02:15:43 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:8779C396
< End of report >
OTL Extras LOG Code:
OTL Extras logfile created on: 29.08.2010 12:07:57 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\fudgi\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 66,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,31 Gb Total Space | 2,61 Gb Free Space | 10,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 69,77 Gb Total Space | 8,47 Gb Free Space | 12,14% Space Free | Partition Type: NTFS
Drive F: | 56,53 Gb Total Space | 9,03 Gb Free Space | 15,97% Space Free | Partition Type: NTFS
Drive G: | 22,75 Gb Total Space | 0,70 Gb Free Space | 3,10% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 1,86 Gb Total Space | 1,16 Gb Free Space | 62,39% Space Free | Partition Type: FAT
Drive Z: | 441,34 Gb Total Space | 133,37 Gb Free Space | 30,22% Space Free | Partition Type: NTFS
Computer Name: FUDGI-PC
Current User Name: fudgi
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-344238117-2985730186-2944176282-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\fudgi\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4723f199-fa64-4233-8e6e-9fccc95a18ee}" = Python 2.6.5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6A3B5E-D26E-4690-A061-F3E2FB10F0E5}" = TortoiseSVN 1.6.9.19725 (32 bit)
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7AD89AAA-31DB-44F6-9440-24F0761E4B72}" = VanDyke Software SecureCRT 6.2
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2010
"{90140000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3A61264-B075-46BE-9C97-376EA4CEEEF5}" = PdfGrabber 6.0
"{A7FB84F1-FA4F-4B50-9AEC-4F83AB1DFEBE}" = G Data AntiVirus 2011
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite DCP-120C
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alt.Binz" = Alt.Binz 0.25.0
"Ashampoo Burning Studio 9_is1" = Ashampoo Burning Studio 9.21
"devkitProUpdater" = devkitProUpdater 1.5.0
"DivX Setup.divx.com" = DivX-Setup
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"FTPRush_is1" = FTPRush v1 Unicode
"GOM Player" = GOM Player
"GPG4Win" = Gpg4win (2.0.2)
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"HijackThis" = HijackThis 2.0.2
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)
"NewsLeecher_is1" = NewsLeecher v3.9 Final
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.OMUI.de-de" = Microsoft Office Language Pack 2010 - German/Deutsch
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.WORD" = Microsoft Word 2010
"Orbit_is1" = Orbit Downloader
"QuickSFV" = QuickSFV (Remove only)
"SpeedFan" = SpeedFan (remove only)
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.0.5
"watchDirectory version 4_is1" = watchDirectory 4.6.2/2
"WBFS Manager 3.0" = WBFS Manager 3.0
"Wiiload" = Wiiload
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-344238117-2985730186-2944176282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.08.2010 15:49:22 | Computer Name = fudgi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: services.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bbf1b Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7600.16385,
Zeitstempel: 0x4a5bda6f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000de51 ID des fehlerhaften
Prozesses: 0x1f4 Startzeit der fehlerhaften Anwendung: 0x01cb46ea0d9ec680 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\services.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\msvcrt.dll Berichtskennung: 5a4c7180-b2dd-11df-8d0e-001e8c1f79b5
Error - 28.08.2010 15:51:36 | Computer Name = fudgi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: services.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bbf1b Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00b3ff41 ID des fehlerhaften
Prozesses: 0x1fc Startzeit der fehlerhaften Anwendung: 0x01cb46ea60820380 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\services.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: aa4e2200-b2dd-11df-b5e8-001e8c1f79b5
Error - 28.08.2010 19:34:36 | Computer Name = fudgi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: services.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bbf1b Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00c3ff41 ID des fehlerhaften
Prozesses: 0x200 Startzeit der fehlerhaften Anwendung: 0x01cb47087d9ef900 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\services.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: d1686a20-b2fc-11df-9fa6-001e8c1f79b5
Error - 28.08.2010 19:39:15 | Computer Name = fudgi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: services.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bbf1b Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00d4ff41 ID des fehlerhaften
Prozesses: 0x1e0 Startzeit der fehlerhaften Anwendung: 0x01cb4709eb45d860 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\services.exe Pfad des fehlerhaften Moduls:
unknown Berichtskennung: 77a15500-b2fd-11df-9a0e-001e8c1f79b5
Error - 28.08.2010 20:16:07 | Computer Name = fudgi-PC | Source = Google Update | ID = 20
Description =
Error - 28.08.2010 20:34:39 | Computer Name = fudgi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GDScan.exe, Version: 1.4.10112.839,
Zeitstempel: 0x4bd03a23 Name des fehlerhaften Moduls: xapauthenticodesip.dll, Version:
4.0.50524.0, Zeitstempel: 0x4bf9f4b3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002d66
ID
des fehlerhaften Prozesses: 0xa74 Startzeit der fehlerhaften Anwendung: 0x01cb47111d1896f0
Pfad
der fehlerhaften Anwendung: C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
Berichtskennung:
34794f50-b305-11df-a982-001e8c1f79b5
Error - 28.08.2010 20:57:41 | Computer Name = fudgi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GDScan.exe, Version: 1.4.10112.839,
Zeitstempel: 0x4bd03a23 Name des fehlerhaften Moduls: xapauthenticodesip.dll, Version:
4.0.50524.0, Zeitstempel: 0x4bf9f4b3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002d66
ID
des fehlerhaften Prozesses: 0xec0 Startzeit der fehlerhaften Anwendung: 0x01cb47130583fd70
Pfad
der fehlerhaften Anwendung: C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
Berichtskennung:
6c50a150-b308-11df-a982-001e8c1f79b5
Error - 28.08.2010 21:01:54 | Computer Name = fudgi-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GDScan.exe, Version: 1.4.10112.839,
Zeitstempel: 0x4bd03a23 Name des fehlerhaften Moduls: xapauthenticodesip.dll, Version:
4.0.50524.0, Zeitstempel: 0x4bf9f4b3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002d66
ID
des fehlerhaften Prozesses: 0x404 Startzeit der fehlerhaften Anwendung: 0x01cb471543e54f90
Pfad
der fehlerhaften Anwendung: C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
Berichtskennung:
03687090-b309-11df-a982-001e8c1f79b5
Error - 28.08.2010 21:16:07 | Computer Name = fudgi-PC | Source = Google Update | ID = 20
Description =
Error - 28.08.2010 22:16:08 | Computer Name = fudgi-PC | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 28.08.2010 18:43:09 | Computer Name = fudgi-PC | Source = DCOM | ID = 10005
Description =
Error - 28.08.2010 18:43:09 | Computer Name = fudgi-PC | Source = DCOM | ID = 10005
Description =
Error - 28.08.2010 18:43:09 | Computer Name = fudgi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.08.2010 19:04:06 | Computer Name = fudgi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 28.08.2010 19:37:12 | Computer Name = fudgi-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?08.?2010 um 01:33:38 unerwartet heruntergefahren.
Error - 28.08.2010 20:06:48 | Computer Name = fudgi-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?08.?2010 um 01:38:58 unerwartet heruntergefahren.
Error - 28.08.2010 20:42:13 | Computer Name = fudgi-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "G Data Scanner" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 28.08.2010 20:57:46 | Computer Name = fudgi-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "G Data Scanner" wurde unerwartet beendet. Dies ist bereits
2 Mal passiert.
Error - 28.08.2010 20:58:16 | Computer Name = fudgi-PC | Source = DCOM | ID = 10010
Description =
Error - 28.08.2010 21:01:59 | Computer Name = fudgi-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "G Data Scanner" wurde unerwartet beendet. Dies ist bereits
3 Mal passiert.
< End of report >
|
