
Log analysis and evaluation: Computer simply restarts


11.02.2010, 17:59   #1
sv3b4ck
 

Hello,
I have the problem that my computer simply restarts without any warning.
I first noticed it 4 days ago, at 23:00.
Today at 17:40 it happened again.
Is something like this familiar to you?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:52:44, on 11.02.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Portrait Displays\HP Display Assistant\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
D:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
D:\Program Files\Miranda IM\miranda32.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Program Files\Winamp\winamp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SavProgress.exe
C:\Users\Sven\AppData\Local\Temp\Rar$EX00.669\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastfm.de/listen/user/sv3b4ck/recommended
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Sophos Web Content Scanner - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [DT HWP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [ApplyEsf-eDocPrintPro] "C:\Program Files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Miranda IM.lnk = D:\Program Files\Miranda IM\miranda32.exe
O4 - Startup: Thunderbrid (Sven).lnk = D:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: Winampt.lnk = D:\Program Files\Winamp\winamp.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Asset Management Daemon - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\VPN Client\cvpnd.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Sophos Anti-Virus Statusreporter (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: UGS License Server (ugslmd) - Macrovision Corporation - D:\Program Files\UGS\UGSLicensing\lmgrd.exe

--
End of file - 7105 bytes

12.02.2010, 09:05   #2
Kiyoshi
 

Hey,
please also do the following:
Run the following one after the other: http://www.trojaner-board.de/51464-a...-ccleaner.html
and
http://www.trojaner-board.de/51187-a...i-malware.html

Please post the Malwarebytes log file here.

I'm at work and will get back to you this afternoon!


12.02.2010, 14:05   #3
sv3b4ck
 

Anti-Malware found nothing.


Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3729
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12.02.2010 14:04:40
mbam-log-2010-02-12 (14-04-40).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 436865
Laufzeit: 39 minute(s), 40 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

12.02.2010, 14:14   #4
Kiyoshi
 

Okay, then let's try the following:
Shall we take a look at the event logs?
Right-click on My Computer -> Manage and select the event logs

12.02.2010, 14:54   #5
sv3b4ck
 

I found something here:

The process wininit.exe ([fe80::c9a1:9b14:a8c2:77b]) has initiated the restart of computer SVEN-PC on behalf of user Sven-PC\Sven for the following reason: Security issue
Reason Code: 0x4050013
Shutdown Type: restart
Comment:
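
The shutdown event quoted in post #5 can be decoded field by field. The following Python is an added example, not part of the thread and not any tool's own code: the flag, major and minor values are the SHTDN_REASON_* constants from the Windows SDK header reason.h, while the function names and the wording of the review notes are assumptions of this example.

```python
import ipaddress
import re

# SHTDN_REASON_* values as defined in the Windows SDK header reason.h.
FLAGS = {
    0x80000000: "PLANNED",
    0x40000000: "USER_DEFINED",
    0x08000000: "DIRTY_UI",
    0x04000000: "CLEAN_UI",
    0x02000000: "DIRTY_PROBLEM_ID_REQUIRED",
    0x01000000: "COMMENT_REQUIRED",
}
MAJOR = {
    0x00: "OTHER", 0x01: "HARDWARE", 0x02: "OPERATINGSYSTEM", 0x03: "SOFTWARE",
    0x04: "APPLICATION", 0x05: "SYSTEM", 0x06: "POWER", 0x07: "LEGACY_API",
}
MINOR = {
    0x00: "OTHER", 0x01: "MAINTENANCE", 0x02: "INSTALLATION", 0x03: "UPGRADE",
    0x04: "RECONFIG", 0x05: "HUNG", 0x06: "UNSTABLE", 0x07: "DISK",
    0x08: "PROCESSOR", 0x09: "NETWORKCARD", 0x0A: "POWER_SUPPLY",
    0x0B: "CORDUNPLUGGED", 0x0C: "ENVIRONMENT", 0x0D: "HARDWARE_DRIVER",
    0x0E: "OTHERDRIVER", 0x0F: "BLUESCREEN", 0x10: "SERVICEPACK",
    0x11: "HOTFIX", 0x12: "SECURITYFIX", 0x13: "SECURITY",
    0x14: "NETWORK_CONNECTIVITY", 0x15: "WMI", 0x16: "SERVICEPACK_UNINSTALL",
    0x17: "HOTFIX_UNINSTALL", 0x18: "SECURITYFIX_UNINSTALL", 0x19: "MMC",
    0x1A: "SYSTEMRESTORE", 0x20: "TERMSRV", 0x21: "DC_PROMOTION",
    0x22: "DC_DEMOTION",
}

# Message layout of the "process has initiated the restart" event shown above.
EVENT_RE = re.compile(
    r"The process (?P<process>.+?) \((?P<origin>[^)]*)\) has initiated the "
    r"(?P<action>[\w ]+?) of computer (?P<computer>\S+) on behalf of user "
    r"(?P<user>.+?) for the following reason: (?P<reason_text>.*?)\s*"
    r"Reason Code: (?P<code>0x[0-9A-Fa-f]+)\s*"
    r"Shutdown Type: (?P<type>[\w ]+?)\s*(?:Comment:|$)",
    re.S,
)

# Event text as quoted in post #5 of this thread.
SAMPLE_EVENT = r"""The process wininit.exe ([fe80::c9a1:9b14:a8c2:77b]) has initiated the restart of computer SVEN-PC on behalf of user Sven-PC\Sven for the following reason: Security issue
Reason Code: 0x4050013
Shutdown Type: restart
Comment:
"""


def decode_reason(code):
    """Split a shutdown reason code into its flag bits, major and minor parts."""
    major = (code & 0x00FF0000) >> 16
    minor = code & 0x0000FFFF
    return {
        "flags": [name for bit, name in FLAGS.items() if code & bit],
        "planned": bool(code & 0x80000000),
        "major": MAJOR.get(major, f"UNKNOWN_0x{major:02x}"),
        "minor": MINOR.get(minor, f"UNKNOWN_0x{minor:04x}"),
    }


def parse_shutdown_event(message):
    """Extract the fields of the event message and decode its reason code."""
    m = EVENT_RE.search(message)
    if m is None:
        raise ValueError("not a shutdown-initiated event message")
    ev = m.groupdict()
    ev["reason"] = decode_reason(int(ev.pop("code"), 16))
    origin = ev["origin"].strip("[]")  # IPv6 literals are logged in brackets
    try:
        ip = ipaddress.ip_address(origin)
        ev["origin_kind"] = "link-local address" if ip.is_link_local else "ip address"
    except ValueError:
        ev["origin_kind"] = "hostname"
    ev["origin_is_computer_name"] = origin.lower() == ev["computer"].lower()
    return ev


def review_notes(ev):
    """Points to follow up on (wording is this example's, not Windows')."""
    notes = []
    if not ev["reason"]["planned"]:
        notes.append("restart was recorded as unplanned")
    if ev["reason"]["minor"] == "SECURITY":
        notes.append("initiator declared a security issue as the reason")
    if not ev["origin_is_computer_name"]:
        notes.append(f"origin field is a {ev['origin_kind']}, not the computer name")
    return notes


if __name__ == "__main__":
    event = parse_shutdown_event(SAMPLE_EVENT)
    print(event)
    for note in review_notes(event):
        print("-", note)
```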


12.02.2010, 15:20   #6
Kiyoshi
 

Hey,
HijackThis seems to have problems under Win 7.
In that case, please use the following:
OTL
Download OTL by OldTimer (http://filepony.de/download-otl/) and save it to your desktop
* Double-click OTL.exe
* Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
* At the top you will find a box labelled Output. Please select Minimal Output
* Under Extra Registry, please select Use SafeList
* Now click Run Scan at the top left
* When the scan has finished, 2 log files are created
* Post the log files here in the thread.

12.02.2010, 15:36   #7
sv3b4ck
 

Thanks in advance for your efforts.
Here are the logs:

Quote:
Quote from OTL.txt
OTL logfile created on: 12.02.2010 15:21:49 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Eigene Dateien\download
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,48 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 571,76 Gb Total Space | 50,52 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive E: | 4,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 298,09 Gb Total Space | 155,68 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: SVEN-PC
Current User Name: Sven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - D:\Eigene Dateien\download\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\Miranda IM\miranda32.exe ( )
PRC - D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Program Files\Winamp\winamp.exe (Nullsoft)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - D:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
PRC - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - D:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mmc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe ()
PRC - C:\Program Files\Portrait Displays\HP Display Assistant\dthtml.exe (Portrait Displays, Inc)
PRC - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
PRC - C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe (Portrait Displays Inc.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe ()
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - C:\Program Files\Portrait Displays\Pivot Software\Floater.exe ()
PRC - C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe ()
PRC - D:\Program Files\VPN Client\cvpnd.exe (Cisco Systems, Inc.)


========== Modules (SafeList) ==========

MOD - D:\Eigene Dateien\download\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files\Portrait Displays\Pivot Software\Winphook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SAVAdminService) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
SRV - (Sophos AutoUpdate Service) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
SRV - (SAVService) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Asset Management Daemon) -- C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe ()
SRV - (DTSRVC) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (PdiService) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (AsSysCtrlService) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
SRV - (CVPND) -- D:\Program Files\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (UGS License Server (ugslmd)) UGS License Server (ugslmd) -- D:\Program Files\UGS\UGSLicensing\lmgrd.exe (Macrovision Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (RTL8187) -- C:\Windows\System32\drivers\RTL8187.sys (Realtek Semiconductor Corporation )
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (SophosBootDriver) -- C:\Windows\System32\drivers\SophosBootDriver.sys (Sophos Plc)
DRV - (SAVOnAccess) -- C:\Windows\System32\drivers\savonaccess.sys (Sophos Plc)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WinDriver6) -- C:\Windows\System32\drivers\windrvr6.sys (Jungo)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (PdiPorts) -- C:\Windows\System32\drivers\PdiPorts.sys (Portrait Displays, Inc.)
DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (s816mdm) -- C:\Windows\System32\drivers\s816mdm.sys (MCCI Corporation)
DRV - (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s816mgmt.sys (MCCI Corporation)
DRV - (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) -- C:\Windows\System32\drivers\s816unic.sys (MCCI)
DRV - (s816obex) -- C:\Windows\System32\drivers\s816obex.sys (MCCI Corporation)
DRV - (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) -- C:\Windows\System32\drivers\s816nd5.sys (MCCI Corporation)
DRV - (s816mdfl) -- C:\Windows\System32\drivers\s816mdfl.sys (MCCI Corporation)
DRV - (s816bus) Sony Ericsson Device 816 driver (WDM) -- C:\Windows\System32\drivers\s816bus.sys (MCCI Corporation)
DRV - (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s125mgmt.sys (MCCI Corporation)
DRV - (s125obex) -- C:\Windows\System32\drivers\s125obex.sys (MCCI Corporation)
DRV - (s125mdm) -- C:\Windows\System32\drivers\s125mdm.sys (MCCI Corporation)
DRV - (s125mdfl) -- C:\Windows\System32\drivers\s125mdfl.sys (MCCI Corporation)
DRV - (s125bus) Sony Ericsson Device 125 driver (WDM) -- C:\Windows\System32\drivers\s125bus.sys (MCCI Corporation)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\Windows\System32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\Windows\System32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\Windows\System32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\Windows\System32\drivers\s115bus.sys (MCCI Corporation)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lastfm.de/listen/user/sv3b4ck/recommended
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E5 ED CD B0 73 5C CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.spiegel.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.6.2C
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4
FF - prefs.js..network.proxy.backup.ftp: "188.193.6.155"
FF - prefs.js..network.proxy.backup.ftp_port: 8088
FF - prefs.js..network.proxy.backup.gopher: "188.193.6.155"
FF - prefs.js..network.proxy.backup.gopher_port: 8088
FF - prefs.js..network.proxy.backup.socks: "188.193.6.155"
FF - prefs.js..network.proxy.backup.socks_port: 8088
FF - prefs.js..network.proxy.backup.ssl: "188.193.6.155"
FF - prefs.js..network.proxy.backup.ssl_port: 8088
FF - prefs.js..network.proxy.ftp: "193.111.120.47"
FF - prefs.js..network.proxy.ftp_port: 6588
FF - prefs.js..network.proxy.gopher: "193.111.120.47"
FF - prefs.js..network.proxy.gopher_port: 6588
FF - prefs.js..network.proxy.http: "193.111.120.47"
FF - prefs.js..network.proxy.http_port: 6588
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "193.111.120.47"
FF - prefs.js..network.proxy.socks_port: 6588
FF - prefs.js..network.proxy.ssl: "193.111.120.47"
FF - prefs.js..network.proxy.ssl_port: 6588

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.02.12 12:59:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.02.11 17:41:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2010.02.11 02:26:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2010.02.11 02:26:08 | 000,000,000 | ---D | M]

[2009.10.05 17:11:23 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Extensions
[2010.02.11 17:41:37 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions
[2010.01.07 13:24:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.01.15 13:44:30 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.12.09 13:18:01 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.01.31 22:45:38 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\amin.eft_Shutdown@gmail.com
[2009.11.04 14:10:51 | 000,001,805 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\google-language-de.xml
[2009.10.21 12:56:42 | 000,002,017 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\google-maps.xml
[2009.10.21 11:16:31 | 000,002,747 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\imdb.xml

O1 HOSTS File: ([2010.01.06 14:23:42 | 000,338,291 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 11597 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApplyEsf-eDocPrintPro] C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe (May Software)
O4 - HKLM..\Run: [CloneCDTray] D:\Program Files\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DT HWP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Skype] D:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Miranda IM.lnk = D:\Program Files\Miranda IM\miranda32.exe ( )
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Thunderbrid (Sven).lnk = D:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winampt.lnk = D:\Program Files\Winamp\winamp.exe (Nullsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.02.12 13:06:56 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Malwarebytes
[2010.02.12 13:06:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.02.12 13:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.02.12 13:06:50 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.02.12 13:06:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.02.12 13:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.02.11 02:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010.02.11 02:43:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010.02.11 02:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010.02.11 01:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2010.02.11 00:07:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.02.11 00:06:45 | 000,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\NPSWF32_FlashUtil.exe
[2010.02.08 18:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\LECTURNITY Player
[2010.02.03 15:37:47 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\New folder
[2010.02.02 20:29:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.02.01 01:43:25 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.01.29 17:43:29 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.01.29 17:43:29 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.01.29 17:43:29 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.01.29 17:43:21 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010.01.27 00:49:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.01.25 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\gruppe2
[2010.01.20 14:54:29 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.20 14:54:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.15 14:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\Hex-Editor MX
[2010.01.13 19:28:00 | 000,375,808 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\RTL8187.sys
[1 C:\Users\Sven\Documents\*.tmp files -> C:\Users\Sven\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.02.12 15:23:06 | 007,077,888 | -HS- | M] () -- C:\Users\Sven\NTUSER.DAT
[2010.02.12 14:54:13 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.12 14:54:13 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.12 14:51:24 | 000,713,888 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.02.12 14:51:24 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.02.12 14:51:24 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.02.12 14:47:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.12 14:47:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010.02.12 14:47:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.12 14:46:38 | 2616,496,128 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.12 14:06:40 | 005,527,869 | -H-- | M] () -- C:\Users\Sven\AppData\Local\IconCache.db
[2010.02.12 13:06:55 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.02.12 13:01:07 | 000,001,841 | ---- | M] () -- C:\Users\Sven\Desktop\CCleaner.lnk
[2010.02.11 16:21:11 | 000,261,760 | ---- | M] () -- C:\Users\Sven\Desktop\berechneMittelwert.pdf
[2010.02.11 16:20:30 | 004,296,670 | ---- | M] () -- C:\Users\Sven\Desktop\Unbenannt-1.psd
[2010.02.11 15:56:15 | 000,116,666 | ---- | M] () -- C:\Users\Sven\Desktop\struct1.jpg
[2010.02.11 13:00:13 | 002,453,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.02.11 03:03:09 | 000,087,688 | ---- | M] () -- C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.02.09 19:55:59 | 000,011,142 | ---- | M] () -- C:\Users\Sven\Desktop\mtb.xlsx
[2010.02.01 04:30:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.01.29 17:45:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.01.29 17:43:29 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.01.29 17:43:29 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.01.29 17:43:29 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.01.25 11:15:25 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.01.17 04:20:02 | 000,002,009 | ---- | M] () -- C:\Users\Sven\AppData\Local\dsp_edcast_0.cfg
[2010.01.14 11:52:38 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[1 C:\Users\Sven\Documents\*.tmp files -> C:\Users\Sven\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.12 13:06:55 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.02.12 13:01:07 | 000,001,841 | ---- | C] () -- C:\Users\Sven\Desktop\CCleaner.lnk
[2010.02.11 16:21:08 | 000,261,760 | ---- | C] () -- C:\Users\Sven\Desktop\berechneMittelwert.pdf
[2010.02.11 16:16:10 | 004,296,670 | ---- | C] () -- C:\Users\Sven\Desktop\Unbenannt-1.psd
[2010.02.11 15:56:13 | 000,116,666 | ---- | C] () -- C:\Users\Sven\Desktop\struct1.jpg
[2010.02.11 00:06:45 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010.02.08 20:40:53 | 000,011,142 | ---- | C] () -- C:\Users\Sven\Desktop\mtb.xlsx
[2010.02.01 02:30:02 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010.01.29 17:45:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.01.19 19:41:20 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.01.17 02:55:40 | 000,000,192 | ---- | C] () -- C:\Users\Sven\AppData\Local\dsp_edcast.log
[2010.01.17 02:55:39 | 000,002,009 | ---- | C] () -- C:\Users\Sven\AppData\Local\dsp_edcast_0.cfg
[2009.11.28 20:40:23 | 000,007,605 | ---- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2009.10.27 16:52:55 | 000,000,002 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\ceville_console_history.txt
[2009.10.20 13:50:25 | 000,000,454 | -H-- | C] () -- C:\Users\Sven\AppData\Roaming\vispa.ini
[2009.10.06 15:21:40 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64 - Copy.sys
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2009.10.06 14:04:06 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009.10.06 14:04:06 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009.10.06 14:04:06 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009.10.06 12:40:50 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.10.06 12:14:49 | 000,007,432 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2009.10.05 17:29:45 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.10.05 17:24:46 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2009.10.05 17:24:46 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2009.10.05 17:24:44 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2009.10.05 17:24:44 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.05.08 09:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 15:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009.04.21 23:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.01.13 10:28:56 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2004.08.13 08:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2002.10.03 14:42:27 | 000,000,034 | ---- | C] () -- C:\Windows\Q3version.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
< End of report >
Quote:
Quote from extras.txt
OTL Extras logfile created on: 12.02.2010 15:21:49 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Eigene Dateien\download
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,48 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 571,76 Gb Total Space | 50,52 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive E: | 4,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 298,09 Gb Total Space | 155,68 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: SVEN-PC
Current User Name: Sven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mp3tag] -- "D:\Program Files\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich)
Directory [PlayWithVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{034759DA-E21A-4795-BFB3-C66D17FAD183}" = Sophos Anti-Virus
"{034F8B84-40DE-EBB5-4B7E-07E719B1271B}" = Catalyst Control Center HydraVision Full
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1089C72B-8D02-1C2A-1832-B0007D8AA963}" = Catalyst Control Center Core Implementation
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17B371B7-740F-4C83-BDFE-0C3A2C585103}" = HP Display Assistant
"{1842532D-0AD3-4470-8E32-798BB63EF496}" = UGSLicensing
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{2573A5FB-0352-4B85-E948-10FFCDD28731}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{2B152D2E-039D-BDD5-DAB8-F9E715CF5FCA}" = Catalyst Control Center Graphics Light
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}" = Joe
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AA1DCD6-CEE9-DAD4-79E3-6BF1F5D4744C}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4115D40F-3E40-8D0B-F2B7-5FE20E7D711C}" = Catalyst Control Center Graphics Previews Vista
"{45B8441A-0346-4D6C-88A8-01821DA28D04}" = eDocPrintPro v3.15.2
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5E609F4B-4B10-6DD8-C47D-9703044AC5EF}" = Catalyst Control Center Graphics Full New
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5EF5F1C4-DA0C-406C-A0DE-70A5216B773C}" = Cisco Systems VPN Client 5.0.05.0280
"{602A58C3-BDF2-4B8A-B9D3-B6D9BACA386A}" = Dir-It!
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6783BD80-A5DB-10A6-9F03-CE0B406BB982}" = Catalyst Control Center Graphics Previews Common
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB6CBD4-ED44-4EAA-8496-228395B1C1D0}" = gs_x86
"{70E3A868-C269-4E6D-B225-862AADF7D0AF}" = Adobe Creative Suite 4 Production Premium
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = sentinelsystemdriver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C2CD35D-FEC4-0272-9D16-CB1585C44FA6}" = ccc-utility
"{7EAB15F0-5857-A3B6-565F-F5A27EC4FD91}" = ATI Catalyst Install Manager
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8624888C-A959-45A5-98F4-292E956325EA}" = LECTURNITY Player
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9102836A-D390-415F-45B2-27C9B3680303}" = ccc-core-static
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{A37D76E1-38C4-4A58-A597-BD7C765FB8CF}" = UGS NX 6.0
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B915FA4E-B670-43E9-8EA0-9F16BFFD8AE8}" = DirComp
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA842D69-22DB-456E-95C7-A5C92593C7C4}" = Adobe Setup
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D4A70F1B-2046-AEBD-9F25-844BECFB163A}" = CCC Help English
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_36ac9dc8c9a94feb9e5886810012e78" = Adobe Creative Suite 4 Production Premium
"Alcatech BPM Studio Professional v4.9.1" = Alcatech BPM Studio Professional v4.9.1
"AnyDVD" = AnyDVD
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DMXControl" = DMXControl 2.10
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"IsoBuster_is1" = IsoBuster 2.3
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatlabR2009a" = MATLAB R2009a
"Miranda IM" = Miranda IM 0.8.14
"mIRC" = mIRC
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"Mp3tag" = Mp3tag v2.44
"MPE" = MyPhoneExplorer
"qt7lite_is1" = QT Lite 2.9.2
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"SubtitleWorkshop" = Subtitle Workshop 2.51
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Zattoo" = Zattoo 3.3.4 Beta

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NoNameScript" = NNScript
"Winamp Detect" = Winamp Anwendungserkennung

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.02.2010 19:12:13 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11704
Description =

Error - 10.02.2010 19:33:05 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11719
Description =

Error - 10.02.2010 19:54:14 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11904
Description =

Error - 10.02.2010 21:00:32 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:00:34 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:00:37 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:15:12 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11904
Description =

Error - 10.02.2010 21:33:09 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11719
Description =

Error - 11.02.2010 08:29:56 | Computer Name = Sven-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "d:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "d:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.

Error - 11.02.2010 12:27:11 | Computer Name = Sven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_Shell32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: SFFXComm.dll, version: 1.0.0.48, time
stamp: 0x49ef4b7c Exception code: 0xc0000005 Fault offset: 0x00009893 Faulting process
id: 0x2554 Faulting application start time: 0x01caab36efe5cc95 Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Windows\system32\SFFXComm.dll
Report
Id: 4df3e7c3-172a-11df-8980-002215150427

[ OSession Events ]
Error - 04.02.2010 12:51:21 | Computer Name = Sven-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 776 seconds with 600 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 01.02.2010 23:33:25 | Computer Name = Sven-PC | Source = SAVOnAccess | ID = 3997781
Description = File [...tem32\WMsgApi.dll]'s scan succeeded following a timeout/busy
condition - it is being logged in case it contributed to that condition. Process
services.exe, (start check timestamp [ 1caa3b87a1cf2bf]).

Error - 01.02.2010 23:33:25 | Computer Name = Sven-PC | Source = SAVOnAccess | ID = 3997781
Description = File [...utomationCore.dll]'s scan succeeded following a timeout/busy
condition - it is being logged in case it contributed to that condition. Process
LogonUI.exe, (start check timestamp [ 1caa3b87a21b57f]).

Error - 02.02.2010 09:05:46 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 11:04:40 | Computer Name = Sven-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR6.

Error - 02.02.2010 11:04:50 | Computer Name = Sven-PC | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume H: encountered
a non-retryable error and could not start. The data contains the error code.

Error - 02.02.2010 12:25:45 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 18:35:23 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 19:04:32 | Computer Name = Sven-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 03.02.2010 07:58:05 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 04.02.2010 11:25:19 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.


< End of report >

12.02.2010, 15:38   #8
Kiyoshi

I'll look through it in a moment; one more question:
Does the PC still restart? Or has everything been running stably so far?

12.02.2010, 15:39   #9
sv3b4ck

Well, so far it's running stably.
But as I said, it has "only" happened twice in 4 days.

12.02.2010, 15:47   #10
Kiyoshi

What were you doing before the PC restarted? Maybe there are problems with the program(s) you were running at that time.

12.02.2010, 17:01   #11
Leonixx
/// Helper Team

Good, the temps at least look normal. What about the other hardware? Have you tested it yet? Post your computer specs. You can also read them out with Everest.

12.02.2010, 17:09   #12
sv3b4ck

First I had to get a current Knoppix distribution and use it to pull a copy of the file.
Here is the result.
One of these 40 reports something.

Quote:
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.50 2010.02.12 -
AhnLab-V3 5.0.0.2 2010.02.12 -
AntiVir 7.9.1.160 2010.02.12 -
Antiy-AVL 2.0.3.7 2010.02.11 -
Authentium 5.2.0.5 2010.02.12 -
Avast 4.8.1351.0 2010.02.12 -
AVG 9.0.0.730 2010.02.12 -
BitDefender 7.2 2010.02.12 -
CAT-QuickHeal 10.00 2010.02.12 -
ClamAV 0.96.0.0-git 2010.02.12 -
Comodo 3911 2010.02.12 -
DrWeb 5.0.1.12222 2010.02.12 -
eSafe 7.0.17.0 2010.02.11 Win32.TrojanHorse
eTrust-Vet 35.2.7299 2010.02.12 -
F-Prot 4.5.1.85 2010.02.12 -
F-Secure 9.0.15370.0 2010.02.12 -
Fortinet 4.0.14.0 2010.02.12 -
GData 19 2010.02.12 -
Ikarus T3.1.1.80.0 2010.02.12 -
Jiangmin 13.0.900 2010.02.08 -
K7AntiVirus 7.10.971 2010.02.11 -
Kaspersky 7.0.0.125 2010.02.12 -
McAfee 5889 2010.02.11 -
McAfee+Artemis 5889 2010.02.11 -
McAfee-GW-Edition 6.8.5 2010.02.12 -
Microsoft 1.5406 2010.02.12 -
NOD32 4861 2010.02.12 -
Norman 6.04.08 2010.02.12 -
nProtect 2009.1.8.0 2010.02.12 -
Panda 10.0.2.2 2010.02.12 -
PCTools 7.0.3.5 2010.02.12 -
Rising 22.34.01.03 2010.02.11 -
Sophos 4.50.0 2010.02.12 -
Sunbelt 5671 2010.02.11 -
Symantec 20091.2.0.41 2010.02.12 -
TheHacker 6.5.1.3.190 2010.02.12 -
TrendMicro 9.120.0.1004 2010.02.12 -
VBA32 3.12.12.2 2010.02.12 -
ViRobot 2010.2.12.2184 2010.02.12 -
VirusBuster 5.0.21.0 2010.02.12 -
weitere Informationen
File size: 721904 bytes
MD5...: d15da1ba189770d93eea2d7e18f95af9
SHA1..: 118f6e32db0b0dd13b6c304fe3030ca650f125cc
SHA256: 9b0bb676cf0cd1aace915a624f13939cb152f136e13f58e6156984bd92f6ba2e
ssdeep: 12288:YdZ14hC/YqpuiLr0Av3Fnpj+DmFfwTTuNtN/tVEk8m/T54vZ:cChKpUiV/
YifwOp8gl4vZ
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x69b6c
timedatestamp.....: 0x49c72e69 (Mon Mar 23 06:38:33 2009)
machinetype.......: 0x14c (I386)

( 12 sections )
name viradd virsiz rawdsiz ntrpy md5
.edata 0x1000 0x1a0e4 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.edata 0x1c000 0x27310 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.text 0x44000 0x20637 0x20800 7.94 8c359576426c3c6ffb70933bf5912723
.data 0x65000 0x154c 0x600 1.80 c9d47458fecff4667c36d7aad53516e3
INIT 0x67000 0x6241 0x6400 7.64 929ab3ce5efcd68083457adf28161d23
.edata 0x6e000 0x80ea 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x77000 0xe5c 0x1000 5.17 b2c86d9f985d8c69c27328ced118da6f
.const 0x78000 0x58200 0x58200 7.06 e2eee885262e3b7b345722f552cb05ca
.rsrc 0xd1000 0x388 0x400 2.99 6086fdcc40751e9071c61fb6601f607d
.sptd0 0xd2000 0x4674 0x4800 7.50 876808606cfa3a660e42b96f9bb68c9a
.sptd1 0xd7000 0x24211 0x24400 8.00 3e0981d924a7cc4d4c3205dc92c4a103
.reloc 0xfc000 0x4e00 0x4e00 7.12 2e578eab0c4eb38c4ade37e95f2e5786

( 3 imports )
> ntoskrnl.exe: IofCallDriver, IofCompleteRequest, ObfDereferenceObject, IoWriteErrorLogEntry, IoAllocateErrorLogEntry, ExInitializePagedLookasideList, ExInitializeNPagedLookasideList, ExDeletePagedLookasideList, ExDeleteNPagedLookasideList, MmUnmapIoSpace, MmMapIoSpace, RtlInitAnsiString, sprintf, RtlAnsiStringToUnicodeString, RtlUnicodeStringToAnsiString, ExDeleteResourceLite, ObReferenceObjectByHandle, ZwOpenDirectoryObject, ExInitializeResourceLite, KeClearEvent, KeSetEvent, IoCreateDevice, ObfReferenceObject, _allmul, _aulldiv, swprintf, KeQuerySystemTime, KeInitializeEvent, _wcsnicmp, RtlWriteRegistryValue, MmLockPagableDataSection, PsGetCurrentProcessId, IoGetCurrentProcess, _allshr, _except_handler3, KeLeaveCriticalRegion, ExReleaseResourceLite, ExfInterlockedInsertTailList, ExAcquireResourceSharedLite, ExAcquireResourceExclusiveLite, KeEnterCriticalRegion, ExGetPreviousMode, RtlEqualUnicodeString, ProbeForRead, MmUserProbeAddress, RtlUpcaseUnicodeString, memmove, _aullrem, ExAllocatePoolWithTagPriority, _alldiv, IoDeleteDevice, KeWaitForSingleObject, MmMapLockedPagesSpecifyCache, wcsstr, IoWMIRegistrationControl, IoBuildSynchronousFsdRequest, RtlDeleteRegistryValue, _allrem, IoReuseIrp, ExFreeToPagedLookasideList, ExAllocateFromPagedLookasideList, IoBuildDeviceIoControlRequest, IoSetThreadHardErrorMode, IoBuildPartialMdl, IoAllocateMdl, KeResetEvent, KeDelayExecutionThread, IoDriverObjectType, IoRegisterShutdownNotification, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, KeWaitForMultipleObjects, MmHighestUserAddress, IoFileObjectType, IoFreeIrp, IoAllocateIrp, MmIsAddressValid, MmProbeAndLockPages, IoFreeMdl, MmUnlockPages, MmSizeOfMdl, strncpy, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, MmIsDriverVerifying, PsGetVersion, ProbeForWrite, IoGetDeviceObjectPointer, IoInitializeIrp, ExfInterlockedRemoveHeadList, ExQueueWorkItem, KeReleaseSemaphore, KeInitializeSemaphore, MmGetPhysicalAddress, RtlLookupElementGenericTable, ZwClose, 
RtlInitializeGenericTable, RtlDeleteElementGenericTable, RtlInsertElementGenericTable, RtlCompareMemory, RtlQueryRegistryValues, RtlStringFromGUID, RtlFreeUnicodeString, RtlInitUnicodeString, MmGetSystemRoutineAddress, ExAllocatePoolWithTag, IoWMIWriteEvent, ExFreePoolWithTag, KeGetCurrentThread, memcpy, _wcsicmp, memset, KeBugCheckEx, ObReferenceObjectByPointer, IoDeviceObjectType, ExInterlockedPopEntrySList, ExInterlockedPushEntrySList, FsRtlGetFileSize, KeSetImportanceDpc, KeInitializeDpc, IoBuildAsynchronousFsdRequest, KeCancelTimer, MmBuildMdlForNonPagedPool, KeInitializeTimer, KeInsertQueueDpc, KeSetTimer, IoGetRelatedDeviceObject
> HAL.dll: KeRaiseIrqlToDpcLevel, KeStallExecutionProcessor, KfRaiseIrql, KeGetCurrentIrql, KfLowerIrql, KfAcquireSpinLock, KfReleaseSpinLock, READ_PORT_UCHAR
> SCSIPORT.SYS: ScsiPortInitialize

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
sigcheck:
publisher....: Duplex Secure Ltd.
copyright....: Copyright (C) 2004
product......: SCSI Pass Through Direct
description..: SCSI Pass Through Direct Host
original name: sptd.sys
internal name: SPTD.SYS
file version.: 1.58.0.0 built by: WinDDK
comments.....: n/a
signers......: Duplex Secure Ltd
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 7:38 AM 3/23/2009
verified.....: -

What do you mean by computer specs?
Quote:
--------[ EVEREST Ultimate Edition ]------------------------------------------------------------------------------------

Version EVEREST v5.00.1650/de
Benchmark Modul 2.4.258.0
Homepage http://www.lavalys.com/
Berichtsart Berichts-Assistent
Computer SVEN-PC
Ersteller Sven
Betriebssystem Microsoft Windows 7 Professional 6.1.7600
Datum 2010-02-12
Zeit 17:11


--------[ Übersicht ]---------------------------------------------------------------------------------------------------

Computer:
Computertyp ACPI x86-based PC
Betriebssystem Microsoft Windows 7 Professional
OS Service Pack -
Internet Explorer 8.0.7600.16385
DirectX DirectX 10.1
Computername SVEN-PC
Benutzername Sven
Domainanmeldung Sven-PC
Datum / Uhrzeit 2010-02-12 / 17:11

Motherboard:
CPU Typ DualCore Intel Core 2 Duo E8400, 3066 MHz (9 x 341)
Motherboard Name Asus P5Q-E (2 PCI, 2 PCI-E x1, 3 PCI-E x16, 4 DDR2 DIMM, Audio, Dual Gigabit LAN, IEEE-1394)
Motherboard Chipsatz Intel Eaglelake P45
Arbeitsspeicher 3328 MB (DDR2-800 DDR2 SDRAM)
DIMM1: G Skill F2-8000CL5-2GBPQ 2 GB DDR2-800 DDR2 SDRAM (5-5-5-15 @ 400 MHz) (4-4-4-10 @ 266 MHz)
DIMM3: G Skill F2-8000CL5-2GBPQ 2 GB DDR2-800 DDR2 SDRAM (5-5-5-15 @ 400 MHz) (4-4-4-10 @ 266 MHz)
BIOS Typ AMI (04/06/09)
Anschlüsse (COM und LPT) Communications Port (COM1)

Anzeige:
Grafikkarte ATI Radeon HD 4800 Series (512 MB)
Grafikkarte ATI Radeon HD 4800 Series (512 MB)
3D-Beschleuniger ATI Radeon HD 4850 (RV770)
Monitor HP LP2475w [24" LCD] (CZC848022B)

Multimedia:
Soundkarte Analog Devices AD2000B @ Intel 82801JB ICH10 - High Definition Audio Controller
Soundkarte ATI Radeon HDMI @ ATI RV770 - High Definition Audio Controller

Datenträger:
IDE Controller Standard AHCI 1.0 Serial ATA Controller
IDE Controller Standard Dual Channel PCI IDE Controller
Massenspeicher Controller ATSLJM64 IDE Controller
Festplatte SAMSUNG HD642JJ ATA Device (640 GB, 7200 RPM, SATA-II)
Optisches Laufwerk HL-DT-ST DVDRAM GH20NS15 ATA Device (DVD+R9:12x, DVD-R9:12x, DVD+RW:20x/8x, DVD-RW:20x/6x, DVD-RAM:12x, DVD-ROM:16x, CD:48x/32x/48x DVD+RW/DVD-RW/DVD-RAM)
Optisches Laufwerk XKBODY PYRWPAV SCSI CdRom Device
S.M.A.R.T. Festplatten-Status OK

Partitionen:
C: (NTFS) 24999 MB (7649 MB frei)
D: (NTFS) 571.8 GB (49.4 GB frei)
Speicherkapazität 596.2 GB (56.9 GB frei)

Eingabegeräte:
Tastatur Logitech HID-Compliant Keyboard
Maus Logitech HID-compliant Cordless Mouse

Netzwerk:
Primäre IP-Adresse 192.168.2.100
Primäre MAC-Adresse 00-22-15-15-04-27
Netzwerkkarte Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller (192.168.2.100)

Peripheriegeräte:
Drucker Canon Inkjet iP5300
Drucker eDocPrintPro
Drucker Microsoft XPS Document Writer
FireWire Controller AT&T/Lucent IEEE1394 FireWire Controller (PHY: Agere LFW3226/3227)
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB2 Controller Intel 82801JB ICH10 - USB2 Enhanced Host Controller
USB2 Controller Intel 82801JB ICH10 - USB2 Enhanced Host Controller
USB-Geräte Generic USB Hub
USB-Geräte Logitech Cordless USB Keyboard
USB-Geräte Logitech Cordless USB Mouse & Enhanced Keys
USB-Geräte Logitech Mic (QuickCam E3500)
USB-Geräte Logitech QuickCam E3500
USB-Geräte Logitech USB Camera (QuickCam E3500)
USB-Geräte USB Composite Device
USB-Geräte USB Printing Support

DMI:
DMI BIOS Anbieter American Megatrends Inc.
DMI BIOS Version 2101
DMI Systemhersteller System manufacturer
DMI Systemprodukt P5Q-E
DMI Systemversion System Version
DMI Systemseriennummer System Serial Number
DMI System UUID E06D001E-8C00014C-22740022-15150427
DMI Motherboardhersteller ASUSTeK Computer INC.
DMI Motherboardprodukt P5Q-E
DMI Motherboardversion Rev 1.xx
DMI Motherboardseriennummer MS1C86B50400677
DMI Gehäusehersteller Chassis Manufacture
DMI Gehäuseversion Chassis Version
DMI Gehäuseseriennummer Chassis Serial Number
DMI Gehäusekennzeichnung Asset-1234567890
DMI Gehäusetyp Desktop Case
DMI gesamte / freie Speichersockel 4 / 2

12.02.2010, 17:27   #13
Leonixx
/// Helper Team

That's nothing. A false alarm from the scanner.

Download Samsung's diagnostic tool for your hard drive: http://www.samsung.com/global/business/hdd/support/utilities/Support_DiskManager.html

Check it for errors.

12.02.2010, 18:55   #14
sv3b4ck

The Samsung diag tool doesn't run on my machine.
I'm running an HDTune diagnosis right now.
