
Log analysis and evaluation: Computer simply restarts

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

11.02.2010, 17:59   #1
sv3b4ck

Hello,
I have the problem that my computer simply restarts without any warning.
I first noticed it 4 days ago, at 23:00.
Today at 17:40 again.
Is anything like this known to you?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:52:44, on 11.02.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Portrait Displays\HP Display Assistant\DTHtml.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
D:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
D:\Program Files\Miranda IM\miranda32.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Program Files\Winamp\winamp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SavProgress.exe
C:\Users\Sven\AppData\Local\Temp\Rar$EX00.669\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastfm.de/listen/user/sv3b4ck/recommended
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Sophos Web Content Scanner - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [DT HWP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [ApplyEsf-eDocPrintPro] "C:\Program Files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CloneCDTray] "D:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Miranda IM.lnk = D:\Program Files\Miranda IM\miranda32.exe
O4 - Startup: Thunderbrid (Sven).lnk = D:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: Winampt.lnk = D:\Program Files\Winamp\winamp.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Asset Management Daemon - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\VPN Client\cvpnd.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Sophos Anti-Virus Statusreporter (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: UGS License Server (ugslmd) - Macrovision Corporation - D:\Program Files\UGS\UGSLicensing\lmgrd.exe

--
End of file - 7105 bytes

12.02.2010, 09:05   #2
Kiyoshi

Hey,
please also do the following:
Run the following one after the other: http://www.trojaner-board.de/51464-a...-ccleaner.html
and
http://www.trojaner-board.de/51187-a...i-malware.html

Please post the Malwarebytes log file here.

I'm at work, will get back to you this afternoon!


12.02.2010, 14:05   #3
sv3b4ck

Anti-Malware found nothing.


Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3729
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12.02.2010 14:04:40
mbam-log-2010-02-12 (14-04-40).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 436865
Laufzeit: 39 minute(s), 40 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

12.02.2010, 14:14   #4
Kiyoshi

Okay, then the following:
Shall we take a look at the event logs?
Right-click on My Computer -> Manage and select Event Logs

12.02.2010, 14:54   #5
sv3b4ck

I found something here:

The process wininit.exe ([fe80::c9a1:9b14:a8c2:77b]) has initiated the restart of computer SVEN-PC on behalf of user Sven-PC\Sven for the following reason: Security issue
Reason Code: 0x4050013
Shutdown Type: restart
Comment:


12.02.2010, 15:20   #6
Kiyoshi

Hey,
HijackThis seems to have problems under Win 7.
In that case, please use the following:
OTL
Download OTL by Oldtimer (http://filepony.de/download-otl/) and save it to your desktop
* Double-click OTL.exe
* Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
* At the top you will find a box labelled Output. Please select Minimal Output
* Under Extra Registry, please select Use SafeList
* Now click Run Scan at the top left
* When the scan has finished, 2 log files are created
* Post the log files here in the thread.

12.02.2010, 15:36   #7
sv3b4ck

Thanks already for your efforts.
Here are the logs:

Quote from OTL.txt:
OTL logfile created on: 12.02.2010 15:21:49 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Eigene Dateien\download
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,48 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 571,76 Gb Total Space | 50,52 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive E: | 4,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 298,09 Gb Total Space | 155,68 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: SVEN-PC
Current User Name: Sven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - D:\Eigene Dateien\download\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\Miranda IM\miranda32.exe ( )
PRC - D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - D:\Program Files\Winamp\winamp.exe (Nullsoft)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - D:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
PRC - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - D:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mmc.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe ()
PRC - C:\Program Files\Portrait Displays\HP Display Assistant\dthtml.exe (Portrait Displays, Inc)
PRC - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
PRC - C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe (Portrait Displays Inc.)
PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
PRC - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe ()
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
PRC - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
PRC - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - C:\Program Files\Portrait Displays\Pivot Software\Floater.exe ()
PRC - C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe ()
PRC - D:\Program Files\VPN Client\cvpnd.exe (Cisco Systems, Inc.)


========== Modules (SafeList) ==========

MOD - D:\Eigene Dateien\download\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
MOD - C:\Program Files\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
MOD - C:\Program Files\Portrait Displays\Pivot Software\Winphook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SAVAdminService) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
SRV - (Sophos AutoUpdate Service) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
SRV - (SAVService) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Asset Management Daemon) -- C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe ()
SRV - (DTSRVC) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (PdiService) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (AsSysCtrlService) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
SRV - (CVPND) -- D:\Program Files\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (UGS License Server (ugslmd)) UGS License Server (ugslmd) -- D:\Program Files\UGS\UGSLicensing\lmgrd.exe (Macrovision Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (RTL8187) -- C:\Windows\System32\drivers\RTL8187.sys (Realtek Semiconductor Corporation )
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (SophosBootDriver) -- C:\Windows\System32\drivers\SophosBootDriver.sys (Sophos Plc)
DRV - (SAVOnAccess) -- C:\Windows\System32\drivers\savonaccess.sys (Sophos Plc)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WinDriver6) -- C:\Windows\System32\drivers\windrvr6.sys (Jungo)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (PdiPorts) -- C:\Windows\System32\drivers\PdiPorts.sys (Portrait Displays, Inc.)
DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (s816mdm) -- C:\Windows\System32\drivers\s816mdm.sys (MCCI Corporation)
DRV - (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s816mgmt.sys (MCCI Corporation)
DRV - (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) -- C:\Windows\System32\drivers\s816unic.sys (MCCI)
DRV - (s816obex) -- C:\Windows\System32\drivers\s816obex.sys (MCCI Corporation)
DRV - (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) -- C:\Windows\System32\drivers\s816nd5.sys (MCCI Corporation)
DRV - (s816mdfl) -- C:\Windows\System32\drivers\s816mdfl.sys (MCCI Corporation)
DRV - (s816bus) Sony Ericsson Device 816 driver (WDM) -- C:\Windows\System32\drivers\s816bus.sys (MCCI Corporation)
DRV - (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s125mgmt.sys (MCCI Corporation)
DRV - (s125obex) -- C:\Windows\System32\drivers\s125obex.sys (MCCI Corporation)
DRV - (s125mdm) -- C:\Windows\System32\drivers\s125mdm.sys (MCCI Corporation)
DRV - (s125mdfl) -- C:\Windows\System32\drivers\s125mdfl.sys (MCCI Corporation)
DRV - (s125bus) Sony Ericsson Device 125 driver (WDM) -- C:\Windows\System32\drivers\s125bus.sys (MCCI Corporation)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\Windows\System32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\Windows\System32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\Windows\System32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\Windows\System32\drivers\s115bus.sys (MCCI Corporation)
DRV - (ElbyCDFL) -- C:\Windows\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS (Rainbow Technologies, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lastfm.de/listen/user/sv3b4ck/recommended
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E5 ED CD B0 73 5C CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.spiegel.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.6.2C
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20091209.4
FF - prefs.js..network.proxy.backup.ftp: "188.193.6.155"
FF - prefs.js..network.proxy.backup.ftp_port: 8088
FF - prefs.js..network.proxy.backup.gopher: "188.193.6.155"
FF - prefs.js..network.proxy.backup.gopher_port: 8088
FF - prefs.js..network.proxy.backup.socks: "188.193.6.155"
FF - prefs.js..network.proxy.backup.socks_port: 8088
FF - prefs.js..network.proxy.backup.ssl: "188.193.6.155"
FF - prefs.js..network.proxy.backup.ssl_port: 8088
FF - prefs.js..network.proxy.ftp: "193.111.120.47"
FF - prefs.js..network.proxy.ftp_port: 6588
FF - prefs.js..network.proxy.gopher: "193.111.120.47"
FF - prefs.js..network.proxy.gopher_port: 6588
FF - prefs.js..network.proxy.http: "193.111.120.47"
FF - prefs.js..network.proxy.http_port: 6588
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "193.111.120.47"
FF - prefs.js..network.proxy.socks_port: 6588
FF - prefs.js..network.proxy.ssl: "193.111.120.47"
FF - prefs.js..network.proxy.ssl_port: 6588

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010.02.12 12:59:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010.02.11 17:41:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2010.02.11 02:26:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2010.02.11 02:26:08 | 000,000,000 | ---D | M]

[2009.10.05 17:11:23 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Extensions
[2010.02.11 17:41:37 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions
[2010.01.07 13:24:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.01.15 13:44:30 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.12.09 13:18:01 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.01.31 22:45:38 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\extensions\amin.eft_Shutdown@gmail.com
[2009.11.04 14:10:51 | 000,001,805 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\google-language-de.xml
[2009.10.21 12:56:42 | 000,002,017 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\google-maps.xml
[2009.10.21 11:16:31 | 000,002,747 | ---- | M] () -- C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\m2k26wji.default\searchplugins\imdb.xml

O1 HOSTS File: ([2010.01.06 14:23:42 | 000,338,291 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 11597 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApplyEsf-eDocPrintPro] C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe (May Software)
O4 - HKLM..\Run: [CloneCDTray] D:\Program Files\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [DT HWP] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Skype] D:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Miranda IM.lnk = D:\Program Files\Miranda IM\miranda32.exe ( )
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Thunderbrid (Sven).lnk = D:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winampt.lnk = D:\Program Files\Winamp\winamp.exe (Nullsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - D:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll (Sophos Plc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.02.12 13:06:56 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Malwarebytes
[2010.02.12 13:06:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.02.12 13:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.02.12 13:06:50 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.02.12 13:06:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.02.12 13:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.02.11 02:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010.02.11 02:43:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010.02.11 02:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010.02.11 01:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSECACHE
[2010.02.11 00:07:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.02.11 00:06:45 | 000,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\NPSWF32_FlashUtil.exe
[2010.02.08 18:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\LECTURNITY Player
[2010.02.03 15:37:47 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\New folder
[2010.02.02 20:29:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.02.01 01:43:25 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.01.29 17:43:29 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.01.29 17:43:29 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.01.29 17:43:29 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.01.29 17:43:21 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010.01.27 00:49:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.01.25 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Sven\Desktop\gruppe2
[2010.01.20 14:54:29 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.20 14:54:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.15 14:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\Hex-Editor MX
[2010.01.13 19:28:00 | 000,375,808 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\RTL8187.sys
[1 C:\Users\Sven\Documents\*.tmp files -> C:\Users\Sven\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.02.12 15:23:06 | 007,077,888 | -HS- | M] () -- C:\Users\Sven\NTUSER.DAT
[2010.02.12 14:54:13 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.12 14:54:13 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.12 14:51:24 | 000,713,888 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.02.12 14:51:24 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.02.12 14:51:24 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.02.12 14:47:07 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.12 14:47:04 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2010.02.12 14:47:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.12 14:46:38 | 2616,496,128 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.12 14:06:40 | 005,527,869 | -H-- | M] () -- C:\Users\Sven\AppData\Local\IconCache.db
[2010.02.12 13:06:55 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.02.12 13:01:07 | 000,001,841 | ---- | M] () -- C:\Users\Sven\Desktop\CCleaner.lnk
[2010.02.11 16:21:11 | 000,261,760 | ---- | M] () -- C:\Users\Sven\Desktop\berechneMittelwert.pdf
[2010.02.11 16:20:30 | 004,296,670 | ---- | M] () -- C:\Users\Sven\Desktop\Unbenannt-1.psd
[2010.02.11 15:56:15 | 000,116,666 | ---- | M] () -- C:\Users\Sven\Desktop\struct1.jpg
[2010.02.11 13:00:13 | 002,453,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.02.11 03:03:09 | 000,087,688 | ---- | M] () -- C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.02.09 19:55:59 | 000,011,142 | ---- | M] () -- C:\Users\Sven\Desktop\mtb.xlsx
[2010.02.01 04:30:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.01.29 17:45:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.01.29 17:43:29 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.01.29 17:43:29 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.01.29 17:43:29 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.01.25 11:15:25 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.01.17 04:20:02 | 000,002,009 | ---- | M] () -- C:\Users\Sven\AppData\Local\dsp_edcast_0.cfg
[2010.01.14 11:52:38 | 000,000,375 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[1 C:\Users\Sven\Documents\*.tmp files -> C:\Users\Sven\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.12 13:06:55 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.02.12 13:01:07 | 000,001,841 | ---- | C] () -- C:\Users\Sven\Desktop\CCleaner.lnk
[2010.02.11 16:21:08 | 000,261,760 | ---- | C] () -- C:\Users\Sven\Desktop\berechneMittelwert.pdf
[2010.02.11 16:16:10 | 004,296,670 | ---- | C] () -- C:\Users\Sven\Desktop\Unbenannt-1.psd
[2010.02.11 15:56:13 | 000,116,666 | ---- | C] () -- C:\Users\Sven\Desktop\struct1.jpg
[2010.02.11 00:06:45 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2010.02.08 20:40:53 | 000,011,142 | ---- | C] () -- C:\Users\Sven\Desktop\mtb.xlsx
[2010.02.01 02:30:02 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010.01.29 17:45:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.01.19 19:41:20 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.01.17 02:55:40 | 000,000,192 | ---- | C] () -- C:\Users\Sven\AppData\Local\dsp_edcast.log
[2010.01.17 02:55:39 | 000,002,009 | ---- | C] () -- C:\Users\Sven\AppData\Local\dsp_edcast_0.cfg
[2009.11.28 20:40:23 | 000,007,605 | ---- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2009.10.27 16:52:55 | 000,000,002 | ---- | C] () -- C:\Users\Sven\AppData\Roaming\ceville_console_history.txt
[2009.10.20 13:50:25 | 000,000,454 | -H-- | C] () -- C:\Users\Sven\AppData\Roaming\vispa.ini
[2009.10.06 15:21:40 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64 - Copy.sys
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2009.10.06 14:04:06 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2009.10.06 14:04:06 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009.10.06 14:04:06 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2009.10.06 14:04:06 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2009.10.06 12:40:50 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.10.06 12:14:49 | 000,007,432 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2009.10.05 17:29:45 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.10.05 17:24:46 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2009.10.05 17:24:46 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2009.10.05 17:24:44 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2009.10.05 17:24:44 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.05.08 09:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009.04.30 15:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009.04.21 23:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.01.13 10:28:56 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2004.08.13 08:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2002.10.03 14:42:27 | 000,000,034 | ---- | C] () -- C:\Windows\Q3version.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
< End of report >
Quote:
Quote from extras.txt
OTL Extras logfile created on: 12.02.2010 15:21:49 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = D:\Eigene Dateien\download
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 7,48 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 571,76 Gb Total Space | 50,52 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive E: | 4,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 298,09 Gb Total Space | 155,68 Gb Free Space | 52,22% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: SVEN-PC
Current User Name: Sven
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "D:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mp3tag] -- "D:\Program Files\Mp3tag\Mp3tag.exe" "/fp:%1" (Florian Heidenreich)
Directory [PlayWithVLC] -- "D:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{034759DA-E21A-4795-BFB3-C66D17FAD183}" = Sophos Anti-Virus
"{034F8B84-40DE-EBB5-4B7E-07E719B1271B}" = Catalyst Control Center HydraVision Full
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}" = Microsoft Games for Windows - LIVE Redistributable
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1089C72B-8D02-1C2A-1832-B0007D8AA963}" = Catalyst Control Center Core Implementation
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17B371B7-740F-4C83-BDFE-0C3A2C585103}" = HP Display Assistant
"{1842532D-0AD3-4470-8E32-798BB63EF496}" = UGSLicensing
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{2573A5FB-0352-4B85-E948-10FFCDD28731}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{2B152D2E-039D-BDD5-DAB8-F9E715CF5FCA}" = Catalyst Control Center Graphics Light
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}" = Joe
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AA1DCD6-CEE9-DAD4-79E3-6BF1F5D4744C}" = Catalyst Control Center Graphics Full Existing
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4115D40F-3E40-8D0B-F2B7-5FE20E7D711C}" = Catalyst Control Center Graphics Previews Vista
"{45B8441A-0346-4D6C-88A8-01821DA28D04}" = eDocPrintPro v3.15.2
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4D243BA7-9AC4-46D1-90E5-EEB88974F501}" = Microsoft Games for Windows - LIVE
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{5E609F4B-4B10-6DD8-C47D-9703044AC5EF}" = Catalyst Control Center Graphics Full New
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5EF5F1C4-DA0C-406C-A0DE-70A5216B773C}" = Cisco Systems VPN Client 5.0.05.0280
"{602A58C3-BDF2-4B8A-B9D3-B6D9BACA386A}" = Dir-It!
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6783BD80-A5DB-10A6-9F03-CE0B406BB982}" = Catalyst Control Center Graphics Previews Common
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB6CBD4-ED44-4EAA-8496-228395B1C1D0}" = gs_x86
"{70E3A868-C269-4E6D-B225-862AADF7D0AF}" = Adobe Creative Suite 4 Production Premium
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = sentinelsystemdriver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C2CD35D-FEC4-0272-9D16-CB1585C44FA6}" = ccc-utility
"{7EAB15F0-5857-A3B6-565F-F5A27EC4FD91}" = ATI Catalyst Install Manager
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8624888C-A959-45A5-98F4-292E956325EA}" = LECTURNITY Player
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9102836A-D390-415F-45B2-27C9B3680303}" = ccc-core-static
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{A37D76E1-38C4-4A58-A597-BD7C765FB8CF}" = UGS NX 6.0
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B915FA4E-B670-43E9-8EA0-9F16BFFD8AE8}" = DirComp
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CA842D69-22DB-456E-95C7-A5C92593C7C4}" = Adobe Setup
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D4A70F1B-2046-AEBD-9F25-844BECFB163A}" = CCC Help English
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_36ac9dc8c9a94feb9e5886810012e78" = Adobe Creative Suite 4 Production Premium
"Alcatech BPM Studio Professional v4.9.1" = Alcatech BPM Studio Professional v4.9.1
"AnyDVD" = AnyDVD
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DMXControl" = DMXControl 2.10
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"IsoBuster_is1" = IsoBuster 2.3
"lvdrivers_12.0" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatlabR2009a" = MATLAB R2009a
"Miranda IM" = Miranda IM 0.8.14
"mIRC" = mIRC
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"Mp3tag" = Mp3tag v2.44
"MPE" = MyPhoneExplorer
"qt7lite_is1" = QT Lite 2.9.2
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"SubtitleWorkshop" = Subtitle Workshop 2.51
"uTorrent" = µTorrent
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.0.3
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Zattoo" = Zattoo 3.3.4 Beta

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"NoNameScript" = NNScript
"Winamp Detect" = Winamp Anwendungserkennung

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.02.2010 19:12:13 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11704
Description =

Error - 10.02.2010 19:33:05 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11719
Description =

Error - 10.02.2010 19:54:14 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11904
Description =

Error - 10.02.2010 21:00:32 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:00:34 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:00:37 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 10.02.2010 21:15:12 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11904
Description =

Error - 10.02.2010 21:33:09 | Computer Name = Sven-PC | Source = MsiInstaller | ID = 11719
Description =

Error - 11.02.2010 08:29:56 | Computer Name = Sven-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "d:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "d:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.

Error - 11.02.2010 12:27:11 | Computer Name = Sven-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_Shell32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: SFFXComm.dll, version: 1.0.0.48, time
stamp: 0x49ef4b7c Exception code: 0xc0000005 Fault offset: 0x00009893 Faulting process
id: 0x2554 Faulting application start time: 0x01caab36efe5cc95 Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Windows\system32\SFFXComm.dll
Report
Id: 4df3e7c3-172a-11df-8980-002215150427

[ OSession Events ]
Error - 04.02.2010 12:51:21 | Computer Name = Sven-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 776 seconds with 600 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 01.02.2010 23:33:25 | Computer Name = Sven-PC | Source = SAVOnAccess | ID = 3997781
Description = File [...tem32\WMsgApi.dll]'s scan succeeded following a timeout/busy
condition - it is being logged in case it contributed to that condition. Process
services.exe, (start check timestamp [ 1caa3b87a1cf2bf]).

Error - 01.02.2010 23:33:25 | Computer Name = Sven-PC | Source = SAVOnAccess | ID = 3997781
Description = File [...utomationCore.dll]'s scan succeeded following a timeout/busy
condition - it is being logged in case it contributed to that condition. Process
LogonUI.exe, (start check timestamp [ 1caa3b87a21b57f]).

Error - 02.02.2010 09:05:46 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 11:04:40 | Computer Name = Sven-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR6.

Error - 02.02.2010 11:04:50 | Computer Name = Sven-PC | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume H: encountered
a non-retryable error and could not start. The data contains the error code.

Error - 02.02.2010 12:25:45 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 18:35:23 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 02.02.2010 19:04:32 | Computer Name = Sven-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 03.02.2010 07:58:05 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.

Error - 04.02.2010 11:25:19 | Computer Name = Sven-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.


< End of report >

12.02.2010, 15:38   #8
Kiyoshi

I'll look through it in a moment. One more question:
Is the PC still restarting? Or has everything been running stably so far?

12.02.2010, 15:39   #9
sv3b4ck

Well, so far it has been running stably.
But as I said, it has "only" happened twice in 4 days.

12.02.2010, 15:47   #10
Kiyoshi

What were you doing before the PC restarted? Maybe there is a problem with the program(s) you were running at the time.

12.02.2010, 15:50   #11
sv3b4ck

I thought of that too, but I couldn't find anything in common.
Possibly a background program, but nothing new has been added there recently.

Besides, Windows should warn me and at least give me the option to cancel the restart, shouldn't it?

I'll just wait for now and report back if the error occurs again.

12.02.2010, 15:59   #12
cad
/// caddy ☀

Just butting in briefly

Turn off the automatic restart; at the next crash, note down the complete technical information and post it
__________________
Don't invest time in someone or something for whom you are, or which is for you, only one option among many

All assistance is provided
without warranty or liability

12.02.2010, 16:03   #13
Kiyoshi

Quote:
Quote from cad
Just butting in briefly
@ cad: That is outrageous

@sv3b4ck
Upload the following file to http://www.virustotal.com/de/:

Code:
C:\WINDOWS\system32\drivers\sptd.sys

Please post the complete result here

12.02.2010, 16:11   #14
cad
/// caddy ☀

OT:

@ Kiyoshi
You will probably have to get used to that if you don't answer a question from the OP such as how he can prevent the restart

12.02.2010, 16:15   #15
sv3b4ck

C:\WINDOWS\system32\drivers\sptd.sys
I don't have access to that file.
I'll try it in safe mode in a moment.

Automatic restart is off!
