Antwort schreiben 
 
Themabewertung:
  • 0 Bewertungen - 0 im Durchschnitt
  • 1
  • 2
  • 3
  • 4
  • 5
Baumstrukturmodus | Linearer Modus
Win 7 Starter - Herunterfahren muss erzwungen werden - 331bigdog startup
14-01-2012, 10:43
Beitrag: #1
Win 7 Starter - Herunterfahren muss erzwungen werden - 331bigdog startup
Ich suche dringend eine Lösung.

Mein drei Wochen altes Netbook fährt sich seit dem erstmaligen Einschalten nicht selbstständig herunter. Beim Klick auf Herunterfahren oder Betätigen des Powerknopfes (hab das mit Herunterfahren belegt) kommt die Meldung, dass einige Programme im Hintergrund noch darauf warten, geschlossen zu werden. Das Feld, wo die Programme aufgelistet sein sollen, ist aber leer. Ich muss dann immer manuell bestätigen, dass heruntergefahren werden soll (bzw den Ausschalteknopf nochmal drücken), damit es weiter geht.

Ziemlich nervig, die Sache. Zumal es in der Tat seit Anfang so ist.

Hier die OTL-Logfile:

OTL logfile created on: 17.01.2011 15:15:34 - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\Sarah\Downloads
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.013,00 Mb Total Physical Memory | 602,00 Mb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 187,67 Gb Total Space | 155,58 Gb Free Space | 82,90% Space Free | Partition Type: NTFS
Drive D: | 30,27 Gb Total Space | 29,36 Gb Free Space | 96,99% Space Free | Partition Type: NTFS

Computer Name: MUTZI | User Name: Sarah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.17 15:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah\Downloads\OTL.exe
PRC - [2010.12.29 17:50:08 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
PRC - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.13 08:39:19 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.13 08:39:19 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.09 21:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010.10.29 00:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe
PRC - [2010.06.02 02:32:13 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.05.20 23:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.20 23:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.15 12:38:46 | 000,536,576 | ---- | M] (Vimicro) -- C:\Programme\USB Camera\VM331_STI.EXE
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.12.29 10:39:22 | 000,331,776 | -H-- | M] (DeviceVM, Inc.) -- C:\QSTART.SYS\config\DVMExportService.exe
PRC - [2009.11.25 11:16:32 | 008,120,864 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009.11.25 11:16:32 | 000,678,432 | ---- | M] (Realtek Semiconductor) -- C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2009.10.23 03:17:10 | 004,114,288 | ---- | M] (Lenovo(beijing) Limited) -- C:\Programme\Lenovo\Energy Management\utility.exe
PRC - [2009.10.23 03:16:26 | 005,064,560 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Programme\Lenovo\Energy Management\Energy Management.exe
PRC - [2009.10.21 17:47:08 | 000,039,952 | ---- | M] (Lenovo.) -- C:\Windows\System32\TPHDEXLG.exe
PRC - [2009.09.22 20:34:48 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Programme\Lenovo\Bluetooth Software\BTTray.exe
PRC - [2009.09.22 20:34:48 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe
PRC - [2009.09.02 13:37:18 | 000,186,208 | ---- | M] (Lenovo.) -- C:\Windows\System32\TpShocks.exe
PRC - [2009.07.14 15:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ReadyComm\common\IGRS.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.06.04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.01.14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe


========== Modules (SafeList) ==========

MOD - [2011.01.17 15:11:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420f e3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.12.13 08:39:27 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.12.13 08:39:19 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.11.02 05:36:16 | 000,801,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010.10.28 11:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.29 10:39:22 | 000,331,776 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\QSTART.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009.10.21 17:47:08 | 000,039,952 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\System32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2009.09.22 20:34:48 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.09.22 19:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009.08.14 15:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009.07.14 15:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter)
SRV - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IgrsSvcs.exe -- (PS_MDP)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2009.01.14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)


========== Driver Services (SafeList) ==========

DRV - [2010.12.13 08:39:39 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.12.13 08:39:38 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.10.25 04:10:06 | 004,807,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2010.08.24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010.08.24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.07.30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.06.23 09:10:54 | 000,275,048 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.27 07:43:50 | 000,185,344 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2010.01.20 06:14:42 | 000,023,136 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009.12.14 13:44:42 | 001,245,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.11.25 11:04:16 | 002,813,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009.11.25 09:37:18 | 000,230,576 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.10.21 17:47:00 | 000,020,496 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\windows\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2009.10.21 17:46:58 | 000,118,800 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\windows\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2009.09.30 02:59:12 | 000,175,104 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.08.28 12:15:20 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2009.08.28 12:15:16 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2009.08.28 12:15:12 | 000,018,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2009.07.28 22:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009.07.21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009.07.16 13:37:14 | 000,011,792 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink ™
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.07.01 05:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009.06.04 19:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009.04.07 08:32:50 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: 'ProxyEnable' = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9 c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.12.29 17:53:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FE F-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.12.30 20:50:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.29 17:52:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.13 22:11:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.01.12 16:45:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB 7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.12.30 20:50:25 | 000,000,000 | ---D | M]

[2011.01.12 16:46:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Extensions
[2011.01.12 16:46:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Extensions\ {3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.14 21:38:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Pro files\efvex0e9.default\extensions
[2011.01.03 00:48:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Pro files\efvex0e9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.12.31 13:03:33 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Pro files\efvex0e9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.01.13 22:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.01.13 22:11:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.01.13 22:11:19 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.12.30 20:50:25 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010.12.29 17:53:07 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\PROGRAMDATA\GOOGLE\TOOLBAR FOR FIREFOX\{3112CA9C-DE6D-4884-A869-9855DE68056C}
[2011.01.13 22:10:37 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.12 02:24:05 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.12 02:24:05 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.12 02:24:05 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.12 02:24:05 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.12 02:24:05 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204 .1700\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [331BigDog] C:\Programme\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TpShocks] C:\Windows\System32\TpShocks.exe (Lenovo.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (Google Inc.)
O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstal...s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstal...s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.ex e (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- '%1' %*
O35 - HKLM\..exefile [open] -- '%1' %*
O37 - HKLM\...com [@ = comfile] -- '%1' %*
O37 - HKLM\...exe [@ = exefile] -- '%1' %*
Danke im voraus.
Alle Beiträge dieses Benutzers finden
Diese Nachricht in einer Antwort zitieren
14-01-2012, 12:39
Beitrag: #2
Re: Win 7 Starter - Herunterfahren muss erzwungen werden - yhs-elex_myv9
Und hier der zweite Teil der Logfile:

========== Files/Folders - Created Within 30 Days ==========

[2011.01.14 00:36:00 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\OpenOffice.org
[2011.01.14 00:29:26 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.2
[2011.01.14 00:27:48 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2011.01.13 22:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.01.13 22:11:40 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.01.13 22:10:31 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.01.13 17:56:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\2DBoy
[2011.01.13 17:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy
[2011.01.13 17:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Goo
[2011.01.13 17:52:00 | 000,000,000 | ---D | C] -- C:\windows\World of Goo
[2011.01.13 17:52:00 | 000,000,000 | ---D | C] -- C:\Programme\World of Goo
[2011.01.13 17:29:33 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Adobe
[2011.01.13 17:13:39 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\WinRAR
[2011.01.13 17:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.01.13 17:13:22 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2011.01.12 16:45:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Thunderbird
[2011.01.12 16:45:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Thunderbird
[2011.01.12 16:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird
[2011.01.12 16:45:38 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2011.01.03 18:18:04 | 000,000,000 | ---D | C] -- C:\windows\System32\x64
[2011.01.03 02:03:29 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\ArcSyncConfig
[2011.01.03 02:03:28 | 000,000,000 | ---D | C] -- C:\Users\Sarah\My Others
[2011.01.03 00:50:39 | 000,000,000 | ---D | C] -- C:\windows\System32\Macromed
[2011.01.03 00:44:28 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Avira
[2011.01.02 20:27:27 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\TS3Client
[2011.01.02 20:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.01.02 20:26:55 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2011.01.01 14:26:15 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.12.31 12:45:59 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Mozilla
[2010.12.31 12:45:59 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Mozilla
[2010.12.30 22:41:59 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Microsoft Games
[2010.12.30 21:33:57 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Documents\Ovi
[2010.12.30 21:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.12.30 20:58:43 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\NokiaAccount
[2010.12.30 20:54:45 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Documents\CCleaner Registrysicherungen
[2010.12.30 20:54:17 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Nokia
[2010.12.30 20:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010.12.30 20:54:02 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\PC Suite
[2010.12.30 20:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2010.12.30 20:50:51 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Nokia
[2010.12.30 20:50:13 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2010.12.30 20:50:09 | 000,000,000 | ---D | C] -- C:\windows\System32\DRVSTORE
[2010.12.30 20:49:58 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.12.30 20:48:47 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2010.12.30 20:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.12.30 20:47:49 | 000,000,000 | ---D | C] -- C:\Programme\Nokia
[2010.12.30 20:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2010.12.30 20:43:45 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.12.30 20:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.12.30 20:03:09 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Leadertech
[2010.12.30 20:01:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2010.12.30 20:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2010.12.30 20:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2010.12.30 20:01:09 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2010.12.30 20:00:27 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\LogiShrd
[2010.12.30 20:00:08 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Logitech
[2010.12.30 20:00:08 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Logishrd
[2010.12.30 12:19:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.12.30 02:16:48 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Diagnostics
[2010.12.29 18:47:17 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\skypePM
[2010.12.29 18:46:30 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Skype
[2010.12.29 18:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2010.12.29 18:30:53 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.12.29 18:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2010.12.29 18:26:18 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2010.12.29 18:26:08 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2010.12.29 18:26:08 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2010.12.29 18:26:00 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.12.29 18:26:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.12.29 18:22:39 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.12.29 18:22:39 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.12.29 18:20:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Macromedia
[2010.12.29 18:20:54 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Adobe
[2010.12.29 18:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2010.12.29 18:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.12.29 17:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2010.12.29 17:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2010.12.29 17:54:24 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Google
[2010.12.29 17:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2010.12.29 17:52:18 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.12.29 17:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.12.29 17:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2010.12.29 17:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2010.12.29 17:49:48 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.12.29 00:53:51 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Broadcom
[2010.12.29 00:53:51 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Documents\Bluetooth-Exchange-Ordner
[2010.12.29 00:53:23 | 000,000,000 | R--D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup
[2010.12.29 00:53:23 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Searches
[2010.12.29 00:53:23 | 000,000,000 | R--D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Administrative Tools
[2010.12.29 00:53:13 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Identities
[2010.12.29 00:53:09 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Contacts
[2010.12.29 00:52:59 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\VirtualStore
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Vorlagen
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\AppData\Local\Verlauf
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\AppData\Local\Temporary Internet Files
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Startmenü
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\SendTo
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Recent
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Netzwerkumgebung
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Lokale Einstellungen
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Documents\Eigene Videos
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Documents\Eigene Musik
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Eigene Dateien
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Documents\Eigene Bilder
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Druckumgebung
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Cookies
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\AppData\Local\Anwendungsdaten
[2010.12.29 00:52:57 | 000,000,000 | -HSD | C] -- C:\Users\Sarah\Anwendungsdaten
[2010.12.29 00:52:56 | 000,000,000 | --SD | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Videos
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Saved Games
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Pictures
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Music
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Maintenance
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Links
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Favorites
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Downloads
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Documents
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\Desktop
[2010.12.29 00:52:56 | 000,000,000 | R--D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessories
[2010.12.29 00:52:56 | 000,000,000 | -H-D | C] -- C:\Users\Sarah\AppData
[2010.12.29 00:52:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Temp
[2010.12.29 00:52:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Microsoft
[2010.12.29 00:52:56 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Lenovo
[2010.12.29 00:52:06 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.12.29 00:50:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten

========== Files - Modified Within 30 Days ==========

[2011.01.17 15:06:00 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.17 15:03:44 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011.01.17 14:01:03 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.17 14:01:03 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.17 13:56:07 | 000,001,022 | ---- | M] () -- C:\windows\tasks\Google Software Updater.job
[2011.01.17 13:53:42 | 000,001,090 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.17 13:53:21 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.01.17 13:53:12 | 796,987,392 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.14 16:04:00 | 000,297,832 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011.01.14 00:36:27 | 000,001,197 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2011.01.13 17:55:18 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\World of Goo.lnk
[2011.01.13 17:51:02 | 070,928,747 | ---- | M] () -- C:\Users\Sarah\Desktop\World of Goo.exe
[2011.01.12 17:29:51 | 000,654,166 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011.01.12 17:29:51 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.01.12 17:29:51 | 000,130,006 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011.01.12 17:29:51 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.01.12 16:45:52 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.01.03 02:03:01 | 000,000,088 | ---- | M] () -- C:\ProgramData\profile.xml
[2011.01.02 20:27:04 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.12.30 21:32:08 | 000,006,656 | ---- | M] () -- C:\Users\Sarah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.30 20:58:43 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDrive r_01_09_00.Wdf
[2010.12.30 20:58:06 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_ 09_00.Wdf
[2010.12.30 20:57:49 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_010 09.Wdf
[2010.12.30 20:53:39 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.12.30 20:43:47 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.12.30 01:49:00 | 000,048,637 | ---- | M] () -- C:\windows\System32\license.rtf
[2010.12.29 18:47:19 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.12.29 18:26:39 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.12.29 18:23:48 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.12.29 18:20:29 | 000,002,205 | ---- | M] () -- C:\Users\Sarah\Desktop\Google Chrome.lnk
[2010.12.29 18:05:31 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2010.12.29 17:58:21 | 000,002,246 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.12.29 17:53:00 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2011.01.14 19:06:16 | 000,021,542 | ---- | C] () -- C:\Users\Sarah\Documents\Spitäler.odt
[2011.01.14 00:36:27 | 000,001,197 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2011.01.13 17:55:18 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\World of Goo.lnk
[2011.01.13 17:44:24 | 070,928,747 | ---- | C] () -- C:\Users\Sarah\Desktop\World of Goo.exe
[2011.01.12 16:45:52 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.01.03 19:19:35 | 000,024,856 | ---- | C] () -- C:\Users\Sarah\Documents\1247023-6MRRZY2KTNME.pdf
[2011.01.03 02:03:01 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml
[2011.01.02 20:27:04 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.12.30 21:31:06 | 000,006,656 | ---- | C] () -- C:\Users\Sarah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.30 20:58:43 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDrive r_01_09_00.Wdf
[2010.12.30 20:58:06 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_ 09_00.Wdf
[2010.12.30 20:57:49 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_010 09.Wdf
[2010.12.30 20:53:39 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.12.30 20:43:47 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.12.29 18:47:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.29 18:26:39 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.12.29 18:23:48 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.12.29 18:20:29 | 000,002,205 | ---- | C] () -- C:\Users\Sarah\Desktop\Google Chrome.lnk
[2010.12.29 18:05:31 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2010.12.29 17:58:21 | 000,002,246 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.12.29 17:55:29 | 000,001,094 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.29 17:55:28 | 000,001,090 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.29 17:53:00 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.29 17:49:51 | 000,001,022 | ---- | C] () -- C:\windows\tasks\Google Software Updater.job
[2010.12.29 00:52:56 | 000,002,257 | ---- | C] () -- C:\Users\Sarah\Desktop\OneKey Recovery.lnk
[2010.06.01 19:37:49 | 000,016,648 | R--- | C] () -- C:\windows\System32\LogAPI.dll
[2010.06.01 19:20:17 | 001,410,400 | ---- | C] () -- C:\windows\System32\IcnOvrly.dll
[2010.06.01 19:20:17 | 000,660,832 | ---- | C] () -- C:\windows\System32\EncIcons.dll
[2010.06.01 19:20:17 | 000,513,376 | ---- | C] () -- C:\windows\System32\SimpleExt.dll
[2010.06.01 19:20:16 | 002,110,816 | ---- | C] () -- C:\windows\System32\Apblend.dll
[2010.06.01 19:20:16 | 001,171,456 | ---- | C] () -- C:\windows\System32\PicNotify.dll
[2010.06.01 19:19:55 | 001,044,480 | ---- | C] () -- C:\windows\System32\3DImageRenderer.dll
[2010.06.01 18:59:57 | 000,001,341 | ---- | C] () -- C:\windows\vm331Rmv.ini
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2008.10.28 15:14:10 | 000,362,029 | ---- | C] () -- C:\windows\System32\sqlite3.dll

========== LOP Check ==========

[2011.01.03 19:18:59 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\ArcSyncConfig
[2010.12.30 20:03:09 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Leadertech
[2011.01.14 00:36:00 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\OpenOffice.org
[2010.12.30 20:59:18 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\PC Suite
[2011.01.12 16:45:59 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Thunderbird
[2011.01.03 01:44:55 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\TS3Client
[2009.07.14 05:53:46 | 000,010,956 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:5D458568

< End of report >
Schöne Grüße, Matthias172
Alle Beiträge dieses Benutzers finden
Diese Nachricht in einer Antwort zitieren
14-01-2012, 13:29
Beitrag: #3
Re: Win 7 Starter - Herunterfahren muss erzwungen werden - yhs-elex_myv9
grüessech!

Es handelt sich wohl offensichtlich um das vorinstallierte Windows 7 Starter.

Wenn Du die ganzen Tral Versionen und sonstigen Craps nicht benötigst, dann mach doch eine saubere Neuinstallation :

http://www.unawave.de/windows-7/downloads.html
Alle Beiträge dieses Benutzers finden
Diese Nachricht in einer Antwort zitieren
Tags
331bigdog startup, yhs-elex_myv9, intcazaudaddservice, was ist 331bigdog, stromversorgung anzeigen windows 7, windows 7 kein zugriff auf dienste, windows 7 x64 mit x32 seriennummer gültig, xbel datei, medion mobile gerät reagiert nicht, standardkommunikationsgerät xp, windows 8 schreibschutz entfernen, homegroup log, sites
« Ein Thema zurück | Ein Thema vor »
Antwort schreiben 


  • Druckversion anzeigen
  • Thema einem Freund senden
  • Thema abonnieren
Gehe zu:




Kontakt | Windows Forum | Nach oben | Zum Inhalt | Archiv-Modus | RSS-Synchronisation| Impressum