| BumblBee | 01.09.2011 13:33 |
VirenScans brechen ab - Neustart?
Ich habe ein Problem (klar, sonst würd ich kein Thema erstellen)
Auf meinem rechner ist Standardmässig Panda installiert. Ein Komplettscan mündet bei ca. 28% in einem neustart des Rechners. Ebenso wenn ich MalWareBytes Antimalware drüberschicke.
Habe mir jetzt noch OldTimerTools runtergeladen und gescannt, damit ich wenigstens irgendein Logfile für Euch habe. Wer kann damit was anfangen?
Danke Danke Danke
OTL Editor:OTL Logfile: Code:
OTL logfile created on: 01.09.2011 13:53:10 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Dokumente und Einstellungen\Internet\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1015,08 Mb Total Physical Memory | 374,47 Mb Available Physical Memory | 36,89% Memory free
2,38 Gb Paging File | 1,72 Gb Available in Paging File | 72,06% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 55,36 Gb Free Space | 74,29% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 73,67 Gb Free Space | 98,86% Space Free | Partition Type: NTFS
Drive K: | 148,01 Gb Total Space | 128,54 Gb Free Space | 86,85% Space Free | Partition Type: NTFS
Computer Name: BRANDENBURGER | User Name: Internet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Internet\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\TPSrv.exe (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\PavFnSvr.exe (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\ApVxdWin.exe (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\psksvc.exe (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\pavsrvx86.exe (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\AVENGINE.EXE (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\WebProxy.exe (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\PsCtrlS.exe (Panda Security, S.L.)
PRC - C:\Programme\Panda Security\Panda Antivirus Pro 2011\PsImSvc.exe (Panda Security S.L.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Panda Security\PavShld\PavPrSrv.exe (Panda Security, S.L.)
PRC - C:\Windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe (FinePrint Software, LLC)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll ()
MOD - c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcprsc.resources.dll ()
MOD - c:\windows\assembly\gac\hpqietpz\3.0.0.0__a53cf5803f4c3827\hpqietpz.dll ()
MOD - c:\windows\assembly\gac\hpqietpz.resources\3.0.0.0_de_a53cf5803f4c3827\hpqietpz.resources.dll ()
MOD - c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll ()
MOD - c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll ()
MOD - c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_de_a53cf5803f4c3827\hpqisrtb.resources.dll ()
MOD - c:\windows\assembly\gac\hpqprrsc\3.0.0.0__a53cf5803f4c3827\hpqprrsc.dll ()
MOD - c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll ()
MOD - c:\windows\assembly\gac\hpqmdmr\3.0.0.0__a53cf5803f4c3827\hpqmdmr.dll ()
MOD - c:\windows\assembly\gac\lead.wrapper\13.0.0.89__9cf889f53ea9b907\lead.wrapper.dll ()
MOD - c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.89__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll ()
MOD - c:\windows\assembly\gac\lead.drawing\13.0.0.89__9cf889f53ea9b907\lead.drawing.dll ()
MOD - c:\windows\assembly\gac\lead\13.0.0.89__9cf889f53ea9b907\lead.dll ()
MOD - c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll ()
MOD - c:\windows\assembly\gac\lead.windows.forms\13.0.0.89__9cf889f53ea9b907\lead.windows.forms.dll ()
MOD - c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll ()
MOD - c:\windows\assembly\gac\interop.hpqimgr\1.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll ()
MOD - c:\windows\assembly\gac\hpqtray\3.0.0.0__a53cf5803f4c3827\hpqtray.dll ()
MOD - c:\windows\assembly\gac\hpqimgrc\3.0.0.0__a53cf5803f4c3827\hpqimgrc.dll ()
MOD - c:\windows\assembly\gac\hpqtray.resources\3.0.0.0_de_a53cf5803f4c3827\hpqtray.resources.dll ()
MOD - c:\windows\assembly\gac\hpqiface\3.0.0.0__a53cf5803f4c3827\hpqiface.dll ()
MOD - c:\windows\assembly\gac\hpqfmrsc.resources\3.0.0.0_de_a53cf5803f4c3827\hpqfmrsc.resources.dll ()
MOD - c:\windows\assembly\gac\hpqgldlg\3.0.0.0__a53cf5803f4c3827\hpqgldlg.dll ()
MOD - c:\windows\assembly\gac\hpqfmrsc\3.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll ()
MOD - c:\windows\assembly\gac\hpqasset\3.0.0.0__a53cf5803f4c3827\hpqasset.dll ()
MOD - c:\windows\assembly\gac\hpqccrsc\3.0.0.0__a53cf5803f4c3827\hpqccrsc.dll ()
MOD - c:\windows\assembly\gac\hpqccrsc.resources\3.0.0.0_de_a53cf5803f4c3827\hpqccrsc.resources.dll ()
MOD - c:\windows\assembly\gac\hpqutils\3.0.0.0__a53cf5803f4c3827\hpqutils.dll ()
MOD - c:\windows\assembly\gac\hpqcmctl.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcmctl.resources.dll ()
MOD - c:\windows\assembly\gac\hpqgskin\3.0.0.0__a53cf5803f4c3827\hpqgskin.dll ()
MOD - c:\windows\assembly\gac\hpqntrop\3.0.0.0__a53cf5803f4c3827\hpqntrop.dll ()
MOD - c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll ()
MOD - c:\windows\assembly\gac\interop.hpdarc\1.0.0.0__19565c63d39c2842\interop.hpdarc.dll ()
MOD - c:\windows\assembly\gac\hpqptfnd\3.0.0.0__a53cf5803f4c3827\hpqptfnd.dll ()
MOD - c:\windows\assembly\gac\hpqcmctl\3.0.0.0__a53cf5803f4c3827\hpqcmctl.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_792703d6\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_0454e673\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_4fc5b473\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_35caeb12\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f00d8031\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - C:\Programme\Panda Security\Panda Antivirus Pro 2011\MiniCrypto.dll ()
MOD - C:\Programme\Panda Security\Panda Antivirus Pro 2011\APIcr.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll ()
MOD - C:\Programme\Panda Security\Panda Antivirus Pro 2011\LIBXML2.DLL ()
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (AntiVirService) -- File not found
SRV - (AntiVirSchedulerService) -- File not found
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (TPSrv) -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\TPSrv.exe (Panda Security, S.L.)
SRV - (PAVFNSVR) -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PavFnSvr.exe (Panda Security, S.L.)
SRV - (PskSvcRetail) -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PskSvc.exe (Panda Security, S.L.)
SRV - (PAVSRV) -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\pavsrvx86.exe (Panda Security, S.L.)
SRV - (Panda Software Controller) -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PsCtrls.exe (Panda Security, S.L.)
SRV - (PSIMSVC) -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PsImSvc.exe (Panda Security S.L.)
SRV - (PavPrSrv) -- C:\Programme\Gemeinsame Dateien\Panda Security\PavShld\pavprsrv.exe (Panda Security, S.L.)
SRV - (IAANTMon) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (PavTPK.sys) -- File not found
DRV - (PavSRK.sys) -- File not found
DRV - (AvFlt) -- File not found
DRV - (MBAMProtector) -- C:\Windows\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (AmFSM) -- C:\Windows\system32\drivers\amm8651.sys (Panda Security, S.L.)
DRV - (avipbb) -- C:\Windows\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ShldDrv) -- C:\Windows\system32\drivers\ShlDrv51.sys (Panda Security, S.L.)
DRV - (PavProc) -- C:\Windows\system32\drivers\PavProc.sys (Panda Security, S.L.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (vserial) -- C:\Windows\system32\drivers\vserial.sys ()
DRV - (actser) -- C:\Windows\system32\drivers\actser.sys (Siemens AG)
DRV - (vsbus) -- C:\Windows\system32\drivers\vsb.sys ()
DRV - (MTsensor) -- C:\Windows\system32\drivers\ASACPI.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Programme\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.07.22 16:58:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.07.22 16:58:22 | 000,000,000 | ---D | M]
[2010.04.23 15:03:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Extensions
[2011.09.01 12:23:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\co621090.default\extensions
[2010.08.07 09:09:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\co621090.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.07 09:09:43 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\Mozilla\Firefox\Profiles\co621090.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.09.01 12:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.06 07:58:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.07 08:58:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.21 09:05:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.12 15:11:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.07 09:16:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.06 13:55:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009.03.09 14:50:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.07 07:56:36 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.07.07 07:56:36 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.07 07:56:36 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.07.07 07:56:36 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.07.07 07:56:36 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,820 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APVXDWIN] C:\Programme\Panda Security\Panda Antivirus Pro 2011\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SCANINICIO] C:\Programme\Panda Security\Panda Antivirus Pro 2011\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SmartSync - ScheduleSync] C:\Programme\Mobile Phone Manager\SmartSync\ScheduleSync.exe (Siemens)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162468014625 (WUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67395E24-05DD-4BDF-AF1E-E7F25FDFB712}: NameServer = 192.168.88.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avldr: DllName - avldr.dll - C:\WINDOWS\System32\avldr.dll (On-Access Anti-Malware Scanner Sync)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.09.01 13:51:40 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Internet\Desktop\OTL.exe
[2011.09.01 13:39:41 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.09.01 13:39:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.09.01 13:39:32 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.09.01 13:39:32 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.09.01 13:38:32 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Internet\Desktop\mbam-setup1511.exe
[2011.08.25 08:18:50 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Internet\Recent
[2011.08.25 08:11:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011.08.10 09:06:27 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2011.08.10 09:05:58 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2011.08.02 16:06:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Internet\Lokale Einstellungen\Anwendungsdaten\Deployment
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.09.01 13:52:02 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Internet\Desktop\OTL.exe
[2011.09.01 13:46:37 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.01 13:46:27 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.09.01 13:46:24 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.01 13:46:08 | 1064,464,384 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.01 13:46:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.01 13:39:41 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.01 13:38:32 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Internet\Desktop\mbam-setup1511.exe
[2011.09.01 13:25:11 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.01 12:06:44 | 000,008,627 | ---- | M] () -- C:\Dokumente und Einstellungen\Internet\PAV_FOG.OPC
[2011.08.31 15:47:12 | 000,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2011.08.29 17:40:04 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.08.22 08:36:43 | 000,001,613 | ---- | M] () -- C:\Dokumente und Einstellungen\Internet\Desktop\DAC und NRF .lnk
[2011.08.17 13:03:56 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.08.10 17:32:11 | 000,462,750 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.08.10 17:32:11 | 000,444,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.10 17:32:11 | 000,085,772 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.08.10 17:32:11 | 000,072,332 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.09.01 13:39:41 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.22 08:56:26 | 000,008,627 | ---- | C] () -- C:\Dokumente und Einstellungen\Internet\PAV_FOG.OPC
[2011.08.02 16:07:33 | 000,001,094 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.02 16:07:33 | 000,001,090 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.06 17:02:19 | 000,000,242 | ---- | C] () -- C:\WINDOWS\System32\PavCPL.dat
[2011.03.03 19:20:01 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Internet\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.18 13:25:59 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Internet\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2010.10.18 13:00:32 | 000,019,696 | ---- | C] () -- C:\WINDOWS\hpomdl05.dat
[2010.04.23 15:03:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.04.15 16:27:07 | 000,012,697 | ---- | C] () -- C:\WINDOWS\ASS_150E.INI
[2010.03.24 15:35:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2009.04.22 16:05:59 | 000,000,012 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009.04.22 16:05:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009.04.22 16:05:48 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.04.22 16:04:58 | 000,000,228 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008.10.31 16:02:34 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Internet\Anwendungsdaten\$_hpcst$.hpc
[2008.10.23 11:08:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2008.05.06 15:31:06 | 000,068,656 | ---- | C] () -- C:\WINDOWS\System32\ListLabel13JNI.dll
[2008.03.28 09:04:28 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.11.29 14:56:53 | 000,102,945 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2007.11.29 14:56:53 | 000,017,505 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2007.09.07 15:00:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.29 18:02:36 | 000,069,549 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2007.03.29 14:06:32 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.22 15:16:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.03.22 15:05:20 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007.03.22 15:05:13 | 000,000,998 | ---- | C] () -- C:\WINDOWS\System32\OemInfo.ini
[2007.03.22 15:05:05 | 000,001,769 | ---- | C] () -- C:\WINDOWS\LETTER.DAT
[2007.03.22 15:04:56 | 000,462,750 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2007.03.22 15:04:56 | 000,444,456 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2007.03.22 15:04:56 | 000,085,772 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2007.03.22 15:04:56 | 000,072,332 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2007.03.22 15:04:54 | 000,271,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.03.22 15:04:54 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.03.22 15:04:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.22 15:04:22 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2007.03.22 15:03:25 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.22 15:02:25 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007.03.22 15:02:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2007.03.22 15:02:22 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2007.03.22 15:02:22 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2007.03.22 15:02:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2007.03.22 15:02:20 | 000,004,520 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2007.03.22 15:02:16 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2007.03.22 15:02:15 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007.03.22 15:02:09 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2007.03.22 15:02:09 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2007.03.22 15:02:02 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2007.03.22 15:01:58 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2007.03.05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2005.11.23 17:33:42 | 000,047,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\vserial.sys
[2005.11.23 17:33:42 | 000,015,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\vsb.sys
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
< End of report >
--- --- ---
OTL Extras:OTL Logfile: Code:
OTL Extras logfile created on: 01.09.2011 13:53:11 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Dokumente und Einstellungen\Internet\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1015,08 Mb Total Physical Memory | 374,47 Mb Available Physical Memory | 36,89% Memory free
2,38 Gb Paging File | 1,72 Gb Available in Paging File | 72,06% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 55,36 Gb Free Space | 74,29% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 73,67 Gb Free Space | 98,86% Space Free | Partition Type: NTFS
Drive K: | 148,01 Gb Total Space | 128,54 Gb Free Space | 86,85% Space Free | Partition Type: NTFS
Computer Name: BRANDENBURGER | User Name: Internet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.js [@ = JSFile] -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.)
.jse [@ = JSEFile] -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.)
.vbe [@ = VBEFile] -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.)
.vbs [@ = VBSFile] -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.)
.wsf [@ = WSFFile] -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.)
.wsh [@ = WSHFile] -- C:\Programme\Panda Security\Panda Antivirus Pro 2011\PAVSCRIP.EXE (Panda Security, S.L.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
jsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
jsefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
vbsfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
wsffile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
wshfile [open] -- C:\PROGRA~1\PANDAS~1\PANDAA~1\PavScrip.exe "%1" %* (Panda Security, S.L.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" = C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Enabled:Kaspersky Anti-Virus
"C:\Programme\Brother\BRAdmin Light\BRAdmLight.exe" = C:\Programme\Brother\BRAdmin Light\BRAdmLight.exe:*:Enabled:BRAdmin Light -- (Brother Industries, Ltd.)
"C:\Programme\Panda Security\Panda Antivirus Pro 2011\ApVxdWin.exe" = C:\Programme\Panda Security\Panda Antivirus Pro 2011\ApVxdWin.exe:*:Enabled:Panda permanent protection -- (Panda Security, S.L.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 26
"{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext
"{3947442A-1409-45fc-A885-FB1CF937675D}" = 1400
"{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{49FB31C1-26EC-44c6-AB47-73C66E2BC41E}" = HP PSC & OfficeJet 5.3.B
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9919E4-6E86-485A-82CC-4E353B221031}" = Nero 7 Essentials
"{4CC0E398-BF90-11D4-8E44-000102A1C932}" = Kunden Manager 68.50.358.0
"{511C063E-31A6-4D9D-8797-D092934F2C86}" = etiCAT
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5B12573C-9C90-4790-BFEE-2BC43C2EB997}" = SmartSync
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{90AF0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A07BAED2-DA9A-436A-83F1-80BA23FA9E4B}" = 1400_Help
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{B1D3568D-BC21-4C50-92A5-2396570DF1DE}_is1" = Panda Secure Vault 5
"{B37B0F29-81B9-40B1-A6C2-8416E2586C43}" = Panda Antivirus Pro 2011
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.11
"{DE66E6E1-BFBC-4586-A03C-686598F4CA3C}" = 1400Trb
"{E55FB276-73C9-4776-AB53-BC028C0509ED}" = Panda Antivirus Pro 2011
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adressen-Verwaltung" = Adressen-Verwaltung
"CCleaner" = CCleaner (remove only)
"DAC - NRF_is1" = DAC und NRF
"ExtractNow_is1" = ExtractNow
"FinePrint" = FinePrint
"Google Updater" = Google Updater
"HP Photo & Imaging" = HP Image Zone 4.7
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Komes 1.7" = Komes 1.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel(R) PRO Network Connections Drivers
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile®-Gerätehandbuch
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.08.2011 11:14:33 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung IAANTMon.exe, Version 5.5.0.1035, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 22.08.2011 11:17:52 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung IAANTMon.exe, Version 5.5.0.1035, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
Error - 25.08.2011 01:57:25 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei C:\Programme\iTunes\iTunes.dll
zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger
auf dem die Datei gespeichert ist bzw. den auf dem Computer installierten Speichertreibern;
oder der Datenträger fehlt. Das Programm iTunes wurde wegen dieses Fehlers geschlossen.
Programm:
iTunes Datei: C:\Programme\iTunes\iTunes.dll Der Fehlerwert ist im Abschnitt "Zusätzliche
Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation
ist eventuell ein temporäres Problem, dass selbstständig behoben wird, wenn das
Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen
können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator
überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem
Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z.
B. einer Diskette oder einer CD, befindet, dann stellen Sie sicher, dass der Datenträger
richtig in der Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem,
indem Sie CHKDSK ausführen. Öffnen Sie dazu das Startmenü, klicken Sie auf "Ausführen",
geben Sie CMD ein und klicken Sie auf "OK". In der Eingabeaufforderung geben Sie
CHKDSK /F ein und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer
Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie,
ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies
nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an
den Administrator oder den Hersteller der Computerhardware um weitere Unterstützung
zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert:
C00000B5 Datenträgertyp: 3
Error - 25.08.2011 01:57:32 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iTunes.exe, Version 9.0.2.25, fehlgeschlagenes
Modul iTunes.dll, Version 9.0.2.25, Fehleradresse 0x00457d20.
Error - 25.08.2011 01:57:55 | Computer Name = BRANDENBURGER | Source = MsiInstaller | ID = 11722
Description = Produkt: Apple Software Update -- Fehler 1722. Es liegt ein dieses
Windows Installer-Paket betreffendes Problem vor. Ein Programm, das im Rahmen der
Installation ausgeführt wurde, wurde nicht erfolgreich abgeschlossen. Wenden Sie
sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: SoftwareUpdate_RegServer,
Pfad: C:\Programme\Apple Software Update\SoftwareUpdate.exe, Befehl: /RegServer
Error - 01.09.2011 03:24:15 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung , Version 0.0.0.0, fehlgeschlagenes Modul
userenv.dll, Version 5.1.2600.5512, Fehleradresse 0x0002f239.
Error - 01.09.2011 03:25:52 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung winlogon.exe, Version 0.0.0.0, fehlgeschlagenes
Modul userenv.dll, Version 5.1.2600.5512, Fehleradresse 0x0002f239.
Error - 01.09.2011 07:17:18 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung TPSrv.exe, Version 9.2.1.1, fehlgeschlagenes
Modul TPSrv.exe, Version 9.2.1.1, Fehleradresse 0x00003596.
Error - 01.09.2011 07:39:15 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung WebProxy.exe, Version 9.1.0.0, fehlgeschlagenes
Modul ws2help.dll, Version 5.1.2600.5512, Fehleradresse 0x00003bd0.
Error - 01.09.2011 07:46:58 | Computer Name = BRANDENBURGER | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung WebProxy.exe, Version 9.1.0.0, fehlgeschlagenes
Modul ws2help.dll, Version 5.1.2600.5512, Fehleradresse 0x00003bd0.
[ System Events ]
Error - 01.09.2011 07:06:04 | Computer Name = BRANDENBURGER | Source = IASTOR | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 01.09.2011 07:06:21 | Computer Name = BRANDENBURGER | Source = IASTOR | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 01.09.2011 07:21:31 | Computer Name = BRANDENBURGER | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google
Software Updater.
Error - 01.09.2011 07:23:14 | Computer Name = BRANDENBURGER | Source = DCOM | ID = 10010
Description = Der Server "{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 01.09.2011 07:27:09 | Computer Name = BRANDENBURGER | Source = System Error | ID = 1003
Description = Fehlercode 00000077, 1. Parameter 00000001, 2. Parameter 00000000,
3. Parameter 00000000, 4. Parameter f7987d24.
Error - 01.09.2011 07:38:27 | Computer Name = BRANDENBURGER | Source = IASTOR | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 01.09.2011 07:38:54 | Computer Name = BRANDENBURGER | Source = IASTOR | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 01.09.2011 07:50:05 | Computer Name = BRANDENBURGER | Source = IASTOR | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 01.09.2011 07:50:21 | Computer Name = BRANDENBURGER | Source = IASTOR | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 01.09.2011 07:50:31 | Computer Name = BRANDENBURGER | Source = IASTOR | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
< End of report >
--- --- --- |
