Trojaner-Board


sv3b4ck 11.02.2010 17:59

Computer simply restarts
 
Hello,
I have the problem that my computer simply restarts without any warning.
I first noticed it 4 days ago, at 23:00.
Today at 17:40 it happened again.
Is this something you are familiar with?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:52:44, on 11.02.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Portrait Displays\HP Display Assistant\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
D:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
D:\Program Files\Miranda IM\miranda32.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Program Files\Winamp\winamp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SavProgress.exe
C:\Users\Sven\AppData\Local\Temp\Rar$EX00.669\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastfm.de/listen/user/sv3b4ck/recommended
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Sophos Web Content Scanner - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [DT HWP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [ApplyEsf-eDocPrintPro] "C:\Program Files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Miranda IM.lnk = D:\Program Files\Miranda IM\miranda32.exe
O4 - Startup: Thunderbrid (Sven).lnk = D:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: Winampt.lnk = D:\Program Files\Winamp\winamp.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Asset Management Daemon - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\VPN Client\cvpnd.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Sophos Anti-Virus Statusreporter (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: UGS License Server (ugslmd) - Macrovision Corporation - D:\Program Files\UGS\UGSLicensing\lmgrd.exe

--
End of file - 7105 bytes

Kiyoshi 12.02.2010 09:05

Hey,
please also do the following:
Run the following one after the other: http://www.trojaner-board.de/51464-a...-ccleaner.html
and
http://www.trojaner-board.de/51187-a...i-malware.html

Please post the Malwarebytes logfile here.

I'm at work, I'll get back to you this afternoon!

sv3b4ck 12.02.2010 14:05

Anti-Malware found nothing.


Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3729
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12.02.2010 14:04:40
mbam-log-2010-02-12 (14-04-40).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 436865
Laufzeit: 39 minute(s), 40 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Kiyoshi 12.02.2010 14:14

Okay, then the following:
Let's take a look at the event logs.
Right-click on My Computer -> Manage and select Event Logs

sv3b4ck 12.02.2010 14:54

I found something here:

The process wininit.exe ([fe80::c9a1:9b14:a8c2:77b]) has initiated the restart of computer SVEN-PC on behalf of user Sven-PC\Sven for the following reason: Security issue
Reason Code: 0x4050013
Shutdown Type: restart
Comment:

Kiyoshi 12.02.2010 15:20

Hey,
HijackThis seems to have problems under Win 7.
Please use the following instead:
OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
* Double-click OTL.exe
* Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
* At the top you will find a box labelled Output. Please select Minimal Output
* Under Extra Registry, please select Use SafeList
* Now click Run Scan at the top left
* When the scan has finished, 2 logfiles are created
* Post the logfiles here in the thread.

sv3b4ck 12.02.2010 15:36

Thanks in advance for your efforts.
Here are the logs:

Quote from OTL.txt:
OTL logfile created on: 12.02.2010 15:21:49 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Eigene Dateien\download
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,48 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 571,76 Gb Total Space | 50,52 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive E: | 4,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 298,09 Gb Total Space | 155,68 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: SVEN-PC
Current User Name: Sven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - D:\Eigene Dateien\download\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\Miranda IM\miranda32.exe ( )
PRC - D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Program Files\Winamp\winamp.exe (Nullsoft)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - D:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
PRC - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - D:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mmc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe ()
PRC - C:\Program Files\Portrait Displays\HP Display Assistant\dthtml.exe (Portrait Displays, Inc)
PRC - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
PRC - C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe (Portrait Displays Inc.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe ()
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - C:\Program Files\Portrait Displays\Pivot Software\Floater.exe ()
PRC - C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe ()
PRC - D:\Program Files\VPN Client\cvpnd.exe (Cisco Systems, Inc.)


========== Modules (SafeList) ==========

MOD - D:\Eigene Dateien\download\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files\Portrait Displays\Pivot Software\Winphook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SAVAdminService) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
SRV - (Sophos AutoUpdate Service) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
SRV - (SAVService) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Asset Management Daemon) -- C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe ()
SRV - (DTSRVC) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (PdiService) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (AsSysCtrlService) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
SRV - (CVPND) -- D:\Program Files\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (UGS License Server (ugslmd)) UGS License Server (ugslmd) -- D:\Program Files\UGS\UGSLicensing\lmgrd.exe (Macrovision Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (RTL8187) -- C:\Windows\System32\drivers\RTL8187.sys (Realtek Semiconductor Corporation )
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (SophosBootDriver) -- C:\Windows\System32\drivers\SophosBootDriver.sys (Sophos Plc)
DRV - (SAVOnAccess) -- C:\Windows\System32\drivers\savonaccess.sys (Sophos Plc)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WinDriver6) -- C:\Windows\System32\drivers\windrvr6.sys (Jungo)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (PdiPorts) -- C:\Windows\System32\drivers\PdiPorts.sys (Portrait Displays, Inc.)
DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (s816mdm) -- C:\Windows\System32\drivers\s816mdm.sys (MCCI Corporation)
DRV - (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s816mgmt.sys (MCCI Corporation)
DRV - (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) -- C:\Windows\System32\drivers\s816unic.sys (MCCI)
DRV - (s816obex) -- C:\Windows\System32\drivers\s816obex.sys (MCCI Corporation)
DRV - (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) -- C:\Windows\System32\drivers\s816nd5.sys (MCCI Corporation)
DRV - (s816mdfl) -- C:\Windows\System32\drivers\s816mdfl.sys (MCCI Corporation)
DRV - (s816bus) Sony Ericsson Device 816 driver (WDM) -- C:\Windows\System32\drivers\s816bus.sys (MCCI Corporation)
DRV - (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s125mgmt.sys (MCCI Corporation)
DRV - (s125obex) -- C:\Windows\System32\drivers\s125obex.sys (MCCI Corporation)
DRV - (s125mdm) -- C:\Windows\System32\drivers\s125mdm.sys (MCCI Corporation)
DRV - (s125mdfl) -- C:\Windows\System32\drivers\s125mdfl.sys (MCCI Corporation)
DRV - (s125bus) Sony Ericsson Device 125 driver (WDM) -- C:\Windows\System32\drivers\s125bus.sys (MCCI Corporation)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\Windows\System32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\Windows\System32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\Windows\System32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\Windows\System32\drivers\s115bus.sys (MCCI Corporation)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lastfm.de/listen/user/sv3b4ck/recommended
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E5 ED CD B0 73 5C CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.spiegel.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.6.2C
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4
FF - prefs.js..network.proxy.backup.ftp: "188.193.6.155"
FF - prefs.js..network.proxy.backup.ftp_port: 8088
FF - prefs.js..network.proxy.backup.gopher: "188.193.6.155"
FF - prefs.js..network.proxy.backup.gopher_port: 8088
FF - prefs.js..network.proxy.backup.socks: "188.193.6.155"
FF - prefs.js..network.proxy.backup.socks_port: 8088
FF - prefs.js..network.proxy.backup.ssl: "188.193.6.155"
FF - prefs.js..network.proxy.backup.ssl_port: 8088
FF - prefs.js..network.proxy.ftp: "193.111.120.47"
FF - prefs.js..network.proxy.ftp_port: 6588
FF - prefs.js..network.proxy.gopher: "193.111.120.47"
FF - prefs.js..network.proxy.gopher_port: 6588
FF - prefs.js..network.proxy.http: "193.111.120.47"
FF - prefs.js..network.proxy.http_port: 6588
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "193.111.120.47"
FF - prefs.js..network.proxy.socks_port: 6588
FF - prefs.js..network.proxy.ssl: "193.111.120.47"
FF - prefs.js..network.proxy.ssl_port: 6588

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.02.12 12:59:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.02.11 17:41:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2010.02.11 02:26:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2010.02.11 02:26:08 | 000,000,000 | ---D | M]

[2009.10.05 17:11:23 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Extensions
[2010.02.11 17:41:37 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions
[2010.01.07 13:24:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.01.15 13:44:30 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.12.09 13:18:01 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.01.31 22:45:38 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\amin.eft_Shutdown@gmail.com
[2009.11.04 14:10:51 | 000,001,805 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\google-language-de.xml
[2009.10.21 12:56:42 | 000,002,017 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\google-maps.xml
[2009.10.21 11:16:31 | 000,002,747 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\imdb.xml

O1 HOSTS File: ([2010.01.06 14:23:42 | 000,338,291 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 11597 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApplyEsf-eDocPrintPro] C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe (May Software)
O4 - HKLM..\Run: [CloneCDTray] D:\Program Files\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DT HWP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Skype] D:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Miranda IM.lnk = D:\Program Files\Miranda IM\miranda32.exe ( )
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Thunderbrid (Sven).lnk = D:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winampt.lnk = D:\Program Files\Winamp\winamp.exe (Nullsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.02.12 13:06:56 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Malwarebytes
[2010.02.12 13:06:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.02.12 13:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.02.12 13:06:50 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.02.12 13:06:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.02.12 13:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.02.11 02:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010.02.11 02:43:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010.02.11 02:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010.02.11 01:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2010.02.11 00:07:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.02.11 00:06:45 | 000,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\NPSWF32_FlashUtil.exe
[2010.02.08 18:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\LECTURNITY Player
[2010.02.03 15:37:47 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\New folder
[2010.02.02 20:29:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.02.01 01:43:25 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.01.29 17:43:29 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.01.29 17:43:29 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.01.29 17:43:29 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.01.29 17:43:21 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010.01.27 00:49:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.01.25 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\gruppe2
[2010.01.20 14:54:29 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.20 14:54:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.15 14:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\Hex-Editor MX
[2010.01.13 19:28:00 | 000,375,808 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\RTL8187.sys
[1 C:\Users\Sven\Documents\*.tmp files -> C:\Users\Sven\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.02.12 15:23:06 | 007,077,888 | -HS- | M] () -- C:\Users\Sven\NTUSER.DAT
[2010.02.12 14:54:13 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.12 14:54:13 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.12 14:51:24 | 000,713,888 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.02.12 14:51:24 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.02.12 14:51:24 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.02.12 14:47:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.12 14:47:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010.02.12 14:47:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.12 14:46:38 | 2616,496,128 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.12 14:06:40 | 005,527,869 | -H-- | M] () -- C:\Users\Sven\AppData\Local\IconCache.db
[2010.02.12 13:06:55 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.02.12 13:01:07 | 000,001,841 | ---- | M] () -- C:\Users\Sven\Desktop\CCleaner.lnk
[2010.02.11 16:21:11 | 000,261,760 | ---- | M] () -- C:\Users\Sven\Desktop\berechneMittelwert.pdf
[2010.02.11 16:20:30 | 004,296,670 | ---- | M] () -- C:\Users\Sven\Desktop\Unbenannt-1.psd
[2010.02.11 15:56:15 | 000,116,666 | ---- | M] () -- C:\Users\Sven\Desktop\struct1.jpg
[2010.02.11 13:00:13 | 002,453,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.02.11 03:03:09 | 000,087,688 | ---- | M] () -- C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.02.09 19:55:59 | 000,011,142 | ---- | M] () -- C:\Users\Sven\Desktop\mtb.xlsx
[2010.02.01 04:30:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.01.29 17:45:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.01.29 17:43:29 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.01.29 17:43:29 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.01.29 17:43:29 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.01.25 11:15:25 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.01.17 04:20:02 | 000,002,009 | ---- | M] () -- C:\Users\Sven\AppData\Local\dsp_edcast_0.cfg
[2010.01.14 11:52:38 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[1 C:\Users\Sven\Documents\*.tmp files -> C:\Users\Sven\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.12 13:06:55 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.02.12 13:01:07 | 000,001,841 | ---- | C] () -- C:\Users\Sven\Desktop\CCleaner.lnk
[2010.02.11 16:21:08 | 000,261,760 | ---- | C] () -- C:\Users\Sven\Desktop\berechneMittelwert.pdf
[2010.02.11 16:16:10 | 004,296,670 | ---- | C] () -- C:\Users\Sven\Desktop\Unbenannt-1.psd
[2010.02.11 15:56:13 | 000,116,666 | ---- | C] () -- C:\Users\Sven\Desktop\struct1.jpg
[2010.02.11 00:06:45 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010.02.08 20:40:53 | 000,011,142 | ---- | C] () -- C:\Users\Sven\Desktop\mtb.xlsx
[2010.02.01 02:30:02 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010.01.29 17:45:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.01.19 19:41:20 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.01.17 02:55:40 | 000,000,192 | ---- | C] () -- C:\Users\Sven\AppData\Local\dsp_edcast.log
[2010.01.17 02:55:39 | 000,002,009 | ---- | C] () -- C:\Users\Sven\AppData\Local\dsp_edcast_0.cfg
[2009.11.28 20:40:23 | 000,007,605 | ---- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2009.10.27 16:52:55 | 000,000,002 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\ceville_console_history.txt
[2009.10.20 13:50:25 | 000,000,454 | -H-- | C] () -- C:\Users\Sven\AppData\Roaming\vispa.ini
[2009.10.06 15:21:40 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64 - Copy.sys
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2009.10.06 14:04:06 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009.10.06 14:04:06 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009.10.06 14:04:06 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009.10.06 12:40:50 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.10.06 12:14:49 | 000,007,432 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2009.10.05 17:29:45 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.10.05 17:24:46 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2009.10.05 17:24:46 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2009.10.05 17:24:44 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2009.10.05 17:24:44 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.05.08 09:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 15:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009.04.21 23:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.01.13 10:28:56 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2004.08.13 08:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2002.10.03 14:42:27 | 000,000,034 | ---- | C] () -- C:\Windows\Q3version.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
< End of report >

Quote:

Quote from extras.txt
OTL Extras logfile created on: 12.02.2010 15:21:49 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Eigene Dateien\download
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,48 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 571,76 Gb Total Space | 50,52 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive E: | 4,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 298,09 Gb Total Space | 155,68 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: SVEN-PC
Current User Name: Sven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mp3tag] -- "D:\Program Files\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich)
Directory [PlayWithVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{034759DA-E21A-4795-BFB3-C66D17FAD183}" = Sophos Anti-Virus
"{034F8B84-40DE-EBB5-4B7E-07E719B1271B}" = Catalyst Control Center HydraVision Full
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1089C72B-8D02-1C2A-1832-B0007D8AA963}" = Catalyst Control Center Core Implementation
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17B371B7-740F-4C83-BDFE-0C3A2C585103}" = HP Display Assistant
"{1842532D-0AD3-4470-8E32-798BB63EF496}" = UGSLicensing
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{2573A5FB-0352-4B85-E948-10FFCDD28731}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{2B152D2E-039D-BDD5-DAB8-F9E715CF5FCA}" = Catalyst Control Center Graphics Light
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}" = Joe
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AA1DCD6-CEE9-DAD4-79E3-6BF1F5D4744C}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4115D40F-3E40-8D0B-F2B7-5FE20E7D711C}" = Catalyst Control Center Graphics Previews Vista
"{45B8441A-0346-4D6C-88A8-01821DA28D04}" = eDocPrintPro v3.15.2
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5E609F4B-4B10-6DD8-C47D-9703044AC5EF}" = Catalyst Control Center Graphics Full New
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5EF5F1C4-DA0C-406C-A0DE-70A5216B773C}" = Cisco Systems VPN Client 5.0.05.0280
"{602A58C3-BDF2-4B8A-B9D3-B6D9BACA386A}" = Dir-It!
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6783BD80-A5DB-10A6-9F03-CE0B406BB982}" = Catalyst Control Center Graphics Previews Common
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB6CBD4-ED44-4EAA-8496-228395B1C1D0}" = gs_x86
"{70E3A868-C269-4E6D-B225-862AADF7D0AF}" = Adobe Creative Suite 4 Production Premium
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = sentinelsystemdriver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C2CD35D-FEC4-0272-9D16-CB1585C44FA6}" = ccc-utility
"{7EAB15F0-5857-A3B6-565F-F5A27EC4FD91}" = ATI Catalyst Install Manager
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8624888C-A959-45A5-98F4-292E956325EA}" = LECTURNITY Player
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9102836A-D390-415F-45B2-27C9B3680303}" = ccc-core-static
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{A37D76E1-38C4-4A58-A597-BD7C765FB8CF}" = UGS NX 6.0
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B915FA4E-B670-43E9-8EA0-9F16BFFD8AE8}" = DirComp
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA842D69-22DB-456E-95C7-A5C92593C7C4}" = Adobe Setup
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D4A70F1B-2046-AEBD-9F25-844BECFB163A}" = CCC Help English
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_36ac9dc8c9a94feb9e5886810012e78" = Adobe Creative Suite 4 Production Premium
"Alcatech BPM Studio Professional v4.9.1" = Alcatech BPM Studio Professional v4.9.1
"AnyDVD" = AnyDVD
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DMXControl" = DMXControl 2.10
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"IsoBuster_is1" = IsoBuster 2.3
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatlabR2009a" = MATLAB R2009a
"Miranda IM" = Miranda IM 0.8.14
"mIRC" = mIRC
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"Mp3tag" = Mp3tag v2.44
"MPE" = MyPhoneExplorer
"qt7lite_is1" = QT Lite 2.9.2
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"SubtitleWorkshop" = Subtitle Workshop 2.51
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Zattoo" = Zattoo 3.3.4 Beta

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NoNameScript" = NNScript
"Winamp Detect" = Winamp Anwendungserkennung

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.02.2010 19:12:13 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11704
Description =

Error - 10.02.2010 19:33:05 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11719
Description =

Error - 10.02.2010 19:54:14 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11904
Description =

Error - 10.02.2010 21:00:32 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:00:34 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:00:37 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:15:12 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11904
Description =

Error - 10.02.2010 21:33:09 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11719
Description =

Error - 11.02.2010 08:29:56 | Computer Name = Sven-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "d:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "d:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.

Error - 11.02.2010 12:27:11 | Computer Name = Sven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_Shell32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: SFFXComm.dll, version: 1.0.0.48, time
stamp: 0x49ef4b7c Exception code: 0xc0000005 Fault offset: 0x00009893 Faulting process
id: 0x2554 Faulting application start time: 0x01caab36efe5cc95 Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Windows\system32\SFFXComm.dll
Report
Id: 4df3e7c3-172a-11df-8980-002215150427

[ OSession Events ]
Error - 04.02.2010 12:51:21 | Computer Name = Sven-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 776 seconds with 600 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 01.02.2010 23:33:25 | Computer Name = Sven-PC | Source = SAVOnAccess | ID = 3997781
Description = File [...tem32\WMsgApi.dll]'s scan succeeded following a timeout/busy
condition - it is being logged in case it contributed to that condition. Process
services.exe, (start check timestamp [ 1caa3b87a1cf2bf]).

Error - 01.02.2010 23:33:25 | Computer Name = Sven-PC | Source = SAVOnAccess | ID = 3997781
Description = File [...utomationCore.dll]'s scan succeeded following a timeout/busy
condition - it is being logged in case it contributed to that condition. Process
LogonUI.exe, (start check timestamp [ 1caa3b87a21b57f]).

Error - 02.02.2010 09:05:46 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 11:04:40 | Computer Name = Sven-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR6.

Error - 02.02.2010 11:04:50 | Computer Name = Sven-PC | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume H: encountered
a non-retryable error and could not start. The data contains the error code.

Error - 02.02.2010 12:25:45 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 18:35:23 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 19:04:32 | Computer Name = Sven-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 03.02.2010 07:58:05 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 04.02.2010 11:25:19 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.


< End of report >


Kiyoshi 12.02.2010 15:38

I'll look through it in a moment; one more question:
Is the PC still restarting? Or has everything been running stably so far?

sv3b4ck 12.02.2010 15:39

Well, so far it's running stably.
But as I said, it has "only" happened twice in 4 days.

Kiyoshi 12.02.2010 15:47

What were you doing before the PC restarted? Maybe there are problems with the program(s) you were running at that time.

sv3b4ck 12.02.2010 15:50

I thought of that too, but couldn't find anything in common.
Possibly a background program, but no new one has been added there recently.

Besides, shouldn't Windows warn me and at least give me the option to cancel the restart?

I'll just wait and see for now and report back if the error occurs again.

cad 12.02.2010 15:59

Just butting in briefly :)

Turn off the automatic restart; at the next crash, note down the complete technical information and post it.

Kiyoshi 12.02.2010 16:03

Quote:

Quote from cad (post 503260)
Just butting in briefly :)

@ cad: That is outrageous :pfui: ;)

@sv3b4ck
Upload the following file to http://www.virustotal.com/de/:

Code:

C:\WINDOWS\system32\drivers\sptd.sys
Please post the complete result here

cad 12.02.2010 16:11

OT:

@ Kiyoshi
You'll probably have to get used to that if you don't answer a question from the OP like how he can prevent the restart :D

sv3b4ck 12.02.2010 16:15

C:\WINDOWS\system32\drivers\sptd.sys
I don't have access to that file.
I'll try it in safe mode in a moment.

Automatic restart is off!

Leonixx 12.02.2010 16:23

This doesn't necessarily have to be due to an infection. It could also be a temperature problem or an impending hardware defect.

You can read out the temperatures with the Everest Home Edition tool and post them here. Also, open up the computer and clean out the dust and other dirt.

sv3b4ck 12.02.2010 16:44

Quote:

--------[ EVEREST Ultimate Edition ]------------------------------------------------------------------------------------

Version EVEREST v5.00.1650/de
Benchmark Modul 2.4.258.0
Homepage Lavalys - Comprehensive IT Security and Management
Berichtsart Berichts-Assistent
Computer SVEN-PC
Ersteller Sven
Betriebssystem Microsoft Windows 7 Professional 6.1.7600
Datum 2010-02-12
Zeit 16:44


--------[ Sensoren ]----------------------------------------------------------------------------------------------------

Sensor Eigenschaften:
Sensortyp Winbond W83667HG (ISA 290h)
GPU Sensortyp Diode (ATI-Diode)
Motherboard Name Asus P5Q / P5Q3 / P5QL Series
Gehäusezutritt gefunden Nein

Temperaturen:
Motherboard 40 °C (104 °F)
CPU 35 °C (95 °F)
1. CPU / 1. Kern 43 °C (109 °F)
1. CPU / 2. Kern 43 °C (109 °F)
GPU Diode (DispIO) 45 °C (113 °F)
GPU Diode (MemIO) 44 °C (111 °F)
GPU Diode (Shader) 42 °C (108 °F)
SAMSUNG HD642JJ 23 °C (73 °F)

Kühllüfter:
CPU 879 RPM
Gehäuse #1 586 RPM
Gehäuse #2 541 RPM
Stromversorgung 586 RPM

Spannungswerte:
CPU Kern 0.88 V
+3.3 V 3.33 V
+5 V 4.99 V
+12 V 12.10 V
+5 V Bereitschaftsmodus 5.12 V

Leistungswerte:
CPU 10.28 W
Debug Info F 12 60 48 27 FF
Debug Info T 40 35 18
Debug Info V 6E D8 D2 D0 D0 FF AB (03)
Debug Info I C1 A513


--------[ Debug - PCI ]-------------------------------------------------------------------------------------------------

B00 D00 F00: Intel G43/G45/P43/P45 Chipset - Memory Controller Hub [A-2]

B00 D01 F00: Intel G43/G45/P43/P45 Chipset - Primary PCI Express x16 Root [A-2]

B00 D1A F00: Intel 82801JB ICH10 - USB Universal Host Controller

B00 D1A F01: Intel 82801JB ICH10 - USB Universal Host Controller

B00 D1A F02: Intel 82801JB ICH10 - USB Universal Host Controller

B00 D1A F07: Intel 82801JB ICH10 - USB2 Enhanced Host Controller

B00 D1B F00: Intel 82801JB ICH10 - High Definition Audio Controller

B00 D1C F00: Intel 82801JB ICH10 - PCI Express Root Port 1

B00 D1C F04: Intel 82801JB ICH10 - PCI Express Root Port 5

B00 D1C F05: Intel 82801JB ICH10 - PCI Express Root Port 6

B00 D1D F00: Intel 82801JB ICH10 - USB Universal Host Controller

B00 D1D F01: Intel 82801JB ICH10 - USB Universal Host Controller

B00 D1D F02: Intel 82801JB ICH10 - USB Universal Host Controller

B00 D1D F07: Intel 82801JB ICH10 - USB2 Enhanced Host Controller

B00 D1E F00: Intel 82801JB I/O Controller Hub 10 (ICH10) [A-0]

B00 D1F F00: Intel 82801JB ICH10R - LPC Bridge

B00 D1F F02: Intel 82801JB ICH10 - 6-port SATA AHCI Controller

B00 D1F F03: Intel 82801JB ICH10 - SMBus Controller

B01 D00 F00: ATI Radeon HD 4850 Video Adapter

B01 D00 F01: ATI RV770 - High Definition Audio Controller

B02 D00 F00: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller

B03 D00 F00: Marvell 88SE6121 Serial ATA II Host Controller

B05 D02 F00: Marvell Yukon 88E8001/8003/8010 Gigabit Ethernet Adapter


B05 D03 F00: AT&T/Lucent IEEE1394 FireWire Controller


PCI-8086-2E20: Intel 3-series/4-series/32xx MCHBAR



--------[ Debug - Video BIOS ]------------------------------------------------------------------------------------------



------------------------------------------------------------------------------------------------------------------------

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

The computer is clean.

Kiyoshi 12.02.2010 16:55

Quote:

Originally posted by Kiyoshi (post 503262)
@sv3b4ck
Upload the following file to VirusTotal - free online virus and malware scanner:

Code:

C:\WINDOWS\system32\drivers\sptd.sys
Please post the complete result here

Would you please also show us the log

Leonixx 12.02.2010 17:01

Good, the temperatures at least look normal. What about the other hardware? Have you tested it yet? Post your computer specs. You can read those out with Everest as well.

sv3b4ck 12.02.2010 17:09

I first had to get a current Knoppix distribution and use it to make a copy of the file.
Here is the result.
One of these 40 reports something.

Quote:

Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.50 2010.02.12 -
AhnLab-V3 5.0.0.2 2010.02.12 -
AntiVir 7.9.1.160 2010.02.12 -
Antiy-AVL 2.0.3.7 2010.02.11 -
Authentium 5.2.0.5 2010.02.12 -
Avast 4.8.1351.0 2010.02.12 -
AVG 9.0.0.730 2010.02.12 -
BitDefender 7.2 2010.02.12 -
CAT-QuickHeal 10.00 2010.02.12 -
ClamAV 0.96.0.0-git 2010.02.12 -
Comodo 3911 2010.02.12 -
DrWeb 5.0.1.12222 2010.02.12 -
eSafe 7.0.17.0 2010.02.11 Win32.TrojanHorse
eTrust-Vet 35.2.7299 2010.02.12 -
F-Prot 4.5.1.85 2010.02.12 -
F-Secure 9.0.15370.0 2010.02.12 -
Fortinet 4.0.14.0 2010.02.12 -
GData 19 2010.02.12 -
Ikarus T3.1.1.80.0 2010.02.12 -
Jiangmin 13.0.900 2010.02.08 -
K7AntiVirus 7.10.971 2010.02.11 -
Kaspersky 7.0.0.125 2010.02.12 -
McAfee 5889 2010.02.11 -
McAfee+Artemis 5889 2010.02.11 -
McAfee-GW-Edition 6.8.5 2010.02.12 -
Microsoft 1.5406 2010.02.12 -
NOD32 4861 2010.02.12 -
Norman 6.04.08 2010.02.12 -
nProtect 2009.1.8.0 2010.02.12 -
Panda 10.0.2.2 2010.02.12 -
PCTools 7.0.3.5 2010.02.12 -
Rising 22.34.01.03 2010.02.11 -
Sophos 4.50.0 2010.02.12 -
Sunbelt 5671 2010.02.11 -
Symantec 20091.2.0.41 2010.02.12 -
TheHacker 6.5.1.3.190 2010.02.12 -
TrendMicro 9.120.0.1004 2010.02.12 -
VBA32 3.12.12.2 2010.02.12 -
ViRobot 2010.2.12.2184 2010.02.12 -
VirusBuster 5.0.21.0 2010.02.12 -
weitere Informationen
File size: 721904 bytes
MD5...: d15da1ba189770d93eea2d7e18f95af9
SHA1..: 118f6e32db0b0dd13b6c304fe3030ca650f125cc
SHA256: 9b0bb676cf0cd1aace915a624f13939cb152f136e13f58e6156984bd92f6ba2e
ssdeep: 12288:YdZ14hC/YqpuiLr0Av3Fnpj+DmFfwTTuNtN/tVEk8m/T54vZ:cChKpUiV/
YifwOp8gl4vZ
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x69b6c
timedatestamp.....: 0x49c72e69 (Mon Mar 23 06:38:33 2009)
machinetype.......: 0x14c (I386)

( 12 sections )
name viradd virsiz rawdsiz ntrpy md5
.edata 0x1000 0x1a0e4 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.edata 0x1c000 0x27310 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.text 0x44000 0x20637 0x20800 7.94 8c359576426c3c6ffb70933bf5912723
.data 0x65000 0x154c 0x600 1.80 c9d47458fecff4667c36d7aad53516e3
INIT 0x67000 0x6241 0x6400 7.64 929ab3ce5efcd68083457adf28161d23
.edata 0x6e000 0x80ea 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x77000 0xe5c 0x1000 5.17 b2c86d9f985d8c69c27328ced118da6f
.const 0x78000 0x58200 0x58200 7.06 e2eee885262e3b7b345722f552cb05ca
.rsrc 0xd1000 0x388 0x400 2.99 6086fdcc40751e9071c61fb6601f607d
.sptd0 0xd2000 0x4674 0x4800 7.50 876808606cfa3a660e42b96f9bb68c9a
.sptd1 0xd7000 0x24211 0x24400 8.00 3e0981d924a7cc4d4c3205dc92c4a103
.reloc 0xfc000 0x4e00 0x4e00 7.12 2e578eab0c4eb38c4ade37e95f2e5786

( 3 imports )
> ntoskrnl.exe: IofCallDriver, IofCompleteRequest, ObfDereferenceObject, IoWriteErrorLogEntry, IoAllocateErrorLogEntry, ExInitializePagedLookasideList, ExInitializeNPagedLookasideList, ExDeletePagedLookasideList, ExDeleteNPagedLookasideList, MmUnmapIoSpace, MmMapIoSpace, RtlInitAnsiString, sprintf, RtlAnsiStringToUnicodeString, RtlUnicodeStringToAnsiString, ExDeleteResourceLite, ObReferenceObjectByHandle, ZwOpenDirectoryObject, ExInitializeResourceLite, KeClearEvent, KeSetEvent, IoCreateDevice, ObfReferenceObject, _allmul, _aulldiv, swprintf, KeQuerySystemTime, KeInitializeEvent, _wcsnicmp, RtlWriteRegistryValue, MmLockPagableDataSection, PsGetCurrentProcessId, IoGetCurrentProcess, _allshr, _except_handler3, KeLeaveCriticalRegion, ExReleaseResourceLite, ExfInterlockedInsertTailList, ExAcquireResourceSharedLite, ExAcquireResourceExclusiveLite, KeEnterCriticalRegion, ExGetPreviousMode, RtlEqualUnicodeString, ProbeForRead, MmUserProbeAddress, RtlUpcaseUnicodeString, memmove, _aullrem, ExAllocatePoolWithTagPriority, _alldiv, IoDeleteDevice, KeWaitForSingleObject, MmMapLockedPagesSpecifyCache, wcsstr, IoWMIRegistrationControl, IoBuildSynchronousFsdRequest, RtlDeleteRegistryValue, _allrem, IoReuseIrp, ExFreeToPagedLookasideList, ExAllocateFromPagedLookasideList, IoBuildDeviceIoControlRequest, IoSetThreadHardErrorMode, IoBuildPartialMdl, IoAllocateMdl, KeResetEvent, KeDelayExecutionThread, IoDriverObjectType, IoRegisterShutdownNotification, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, KeWaitForMultipleObjects, MmHighestUserAddress, IoFileObjectType, IoFreeIrp, IoAllocateIrp, MmIsAddressValid, MmProbeAndLockPages, IoFreeMdl, MmUnlockPages, MmSizeOfMdl, strncpy, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, MmIsDriverVerifying, PsGetVersion, ProbeForWrite, IoGetDeviceObjectPointer, IoInitializeIrp, ExfInterlockedRemoveHeadList, ExQueueWorkItem, KeReleaseSemaphore, KeInitializeSemaphore, MmGetPhysicalAddress, RtlLookupElementGenericTable, ZwClose, 
RtlInitializeGenericTable, RtlDeleteElementGenericTable, RtlInsertElementGenericTable, RtlCompareMemory, RtlQueryRegistryValues, RtlStringFromGUID, RtlFreeUnicodeString, RtlInitUnicodeString, MmGetSystemRoutineAddress, ExAllocatePoolWithTag, IoWMIWriteEvent, ExFreePoolWithTag, KeGetCurrentThread, memcpy, _wcsicmp, memset, KeBugCheckEx, ObReferenceObjectByPointer, IoDeviceObjectType, ExInterlockedPopEntrySList, ExInterlockedPushEntrySList, FsRtlGetFileSize, KeSetImportanceDpc, KeInitializeDpc, IoBuildAsynchronousFsdRequest, KeCancelTimer, MmBuildMdlForNonPagedPool, KeInitializeTimer, KeInsertQueueDpc, KeSetTimer, IoGetRelatedDeviceObject
> HAL.dll: KeRaiseIrqlToDpcLevel, KeStallExecutionProcessor, KfRaiseIrql, KeGetCurrentIrql, KfLowerIrql, KfAcquireSpinLock, KfReleaseSpinLock, READ_PORT_UCHAR
> SCSIPORT.SYS: ScsiPortInitialize

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
sigcheck:
publisher....: Duplex Secure Ltd.
copyright....: Copyright (C) 2004
product......: SCSI Pass Through Direct
description..: SCSI Pass Through Direct Host
original name: sptd.sys
internal name: SPTD.SYS
file version.: 1.58.0.0 built by: WinDDK
comments.....: n/a
signers......: Duplex Secure Ltd
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 7:38 AM 3/23/2009
verified.....: -

What do you mean by computer specs?
Quote:

--------[ EVEREST Ultimate Edition ]------------------------------------------------------------------------------------

Version EVEREST v5.00.1650/de
Benchmark Modul 2.4.258.0
Homepage http://www.lavalys.com/
Berichtsart Berichts-Assistent
Computer SVEN-PC
Ersteller Sven
Betriebssystem Microsoft Windows 7 Professional 6.1.7600
Datum 2010-02-12
Zeit 17:11


--------[ Übersicht ]---------------------------------------------------------------------------------------------------

Computer:
Computertyp ACPI x86-based PC
Betriebssystem Microsoft Windows 7 Professional
OS Service Pack -
Internet Explorer 8.0.7600.16385
DirectX DirectX 10.1
Computername SVEN-PC
Benutzername Sven
Domainanmeldung Sven-PC
Datum / Uhrzeit 2010-02-12 / 17:11

Motherboard:
CPU Typ DualCore Intel Core 2 Duo E8400, 3066 MHz (9 x 341)
Motherboard Name Asus P5Q-E (2 PCI, 2 PCI-E x1, 3 PCI-E x16, 4 DDR2 DIMM, Audio, Dual Gigabit LAN, IEEE-1394)
Motherboard Chipsatz Intel Eaglelake P45
Arbeitsspeicher 3328 MB (DDR2-800 DDR2 SDRAM)
DIMM1: G Skill F2-8000CL5-2GBPQ 2 GB DDR2-800 DDR2 SDRAM (5-5-5-15 @ 400 MHz) (4-4-4-10 @ 266 MHz)
DIMM3: G Skill F2-8000CL5-2GBPQ 2 GB DDR2-800 DDR2 SDRAM (5-5-5-15 @ 400 MHz) (4-4-4-10 @ 266 MHz)
BIOS Typ AMI (04/06/09)
Anschlüsse (COM und LPT) Communications Port (COM1)

Anzeige:
Grafikkarte ATI Radeon HD 4800 Series (512 MB)
Grafikkarte ATI Radeon HD 4800 Series (512 MB)
3D-Beschleuniger ATI Radeon HD 4850 (RV770)
Monitor HP LP2475w [24" LCD] (CZC848022B)

Multimedia:
Soundkarte Analog Devices AD2000B @ Intel 82801JB ICH10 - High Definition Audio Controller
Soundkarte ATI Radeon HDMI @ ATI RV770 - High Definition Audio Controller

Datenträger:
IDE Controller Standard AHCI 1.0 Serial ATA Controller
IDE Controller Standard Dual Channel PCI IDE Controller
Massenspeicher Controller ATSLJM64 IDE Controller
Festplatte SAMSUNG HD642JJ ATA Device (640 GB, 7200 RPM, SATA-II)
Optisches Laufwerk HL-DT-ST DVDRAM GH20NS15 ATA Device (DVD+R9:12x, DVD-R9:12x, DVD+RW:20x/8x, DVD-RW:20x/6x, DVD-RAM:12x, DVD-ROM:16x, CD:48x/32x/48x DVD+RW/DVD-RW/DVD-RAM)
Optisches Laufwerk XKBODY PYRWPAV SCSI CdRom Device
S.M.A.R.T. Festplatten-Status OK

Partitionen:
C: (NTFS) 24999 MB (7649 MB frei)
D: (NTFS) 571.8 GB (49.4 GB frei)
Speicherkapazität 596.2 GB (56.9 GB frei)

Eingabegeräte:
Tastatur Logitech HID-Compliant Keyboard
Maus Logitech HID-compliant Cordless Mouse

Netzwerk:
Primäre IP-Adresse 192.168.2.100
Primäre MAC-Adresse 00-22-15-15-04-27
Netzwerkkarte Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller (192.168.2.100)

Peripheriegeräte:
Drucker Canon Inkjet iP5300
Drucker eDocPrintPro
Drucker Microsoft XPS Document Writer
FireWire Controller AT&T/Lucent IEEE1394 FireWire Controller (PHY: Agere LFW3226/3227)
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB1 Controller Intel 82801JB ICH10 - USB Universal Host Controller
USB2 Controller Intel 82801JB ICH10 - USB2 Enhanced Host Controller
USB2 Controller Intel 82801JB ICH10 - USB2 Enhanced Host Controller
USB-Geräte Generic USB Hub
USB-Geräte Logitech Cordless USB Keyboard
USB-Geräte Logitech Cordless USB Mouse & Enhanced Keys
USB-Geräte Logitech Mic (QuickCam E3500)
USB-Geräte Logitech QuickCam E3500
USB-Geräte Logitech USB Camera (QuickCam E3500)
USB-Geräte USB Composite Device
USB-Geräte USB Printing Support

DMI:
DMI BIOS Anbieter American Megatrends Inc.
DMI BIOS Version 2101
DMI Systemhersteller System manufacturer
DMI Systemprodukt P5Q-E
DMI Systemversion System Version
DMI Systemseriennummer System Serial Number
DMI System UUID E06D001E-8C00014C-22740022-15150427
DMI Motherboardhersteller ASUSTeK Computer INC.
DMI Motherboardprodukt P5Q-E
DMI Motherboardversion Rev 1.xx
DMI Motherboardseriennummer MS1C86B50400677
DMI Gehäusehersteller Chassis Manufacture
DMI Gehäuseversion Chassis Version
DMI Gehäuseseriennummer Chassis Serial Number
DMI Gehäusekennzeichnung Asset-1234567890
DMI Gehäusetyp Desktop Case
DMI gesamte / freie Speichersockel 4 / 2

Leonixx 12.02.2010 17:27

That is nothing. A false alarm by the scanner.

Download Samsung's diagnostic tool for your hard drive. http://www.samsung.com/global/business/hdd/support/utilities/Support_DiskManager.html

Check it for errors.

sv3b4ck 12.02.2010 18:55

The Samsung diag tool does not run on my machine.
I'm running an HDTune diagnostic right now.


All times are in WET +1.
