Trojaner-Board (https://www.trojaner-board.de/)

Laptop with Windows XP locked by the Bundespolizei, unlocking only for money (https://www.trojaner-board.de/129077-laptop-windows-xp-gesperrt-bundespolizei-entsperrung-nur-geld.html)

M-K-D-B 12.01.2013 17:33

Hi,

not as far as I know. :)

mersch2332 13.01.2013 16:02

It's not working again, because I have to be an admin to create an account, and for that I need the password
:stirn:

M-K-D-B 13.01.2013 19:38

Hi,

OK, change of plan.

Please start OTL.exe.
Under
Extra Registry, select Use Safe List and click the Scan button.
Post the OTL.txt and the Extras.txt here in your thread.

mersch2332 14.01.2013 17:49

The following is in OTL.txt:
OTL Logfile:
Code:

OTL logfile created on: 14.01.2013 19:49:30 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = F:\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,98 Mb Total Physical Memory | 182,58 Mb Available Physical Memory | 35,73% Memory free
1,22 Gb Paging File | 0,90 Gb Available in Paging File | 73,78% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,70 Gb Total Space | 26,26 Gb Free Space | 38,23% Space Free | Partition Type: FAT32
Drive D: | 24,41 Gb Total Space | 15,73 Gb Free Space | 64,43% Space Free | Partition Type: FAT32
Drive F: | 1,86 Gb Total Space | 1,69 Gb Free Space | 90,51% Space Free | Partition Type: FAT
 
Computer Name: ACERMDS | User Name: kinder | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.07 17:34:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\OTL\OTL.exe
PRC - [2007.06.28 07:42:40 | 000,949,376 | ---- | M] (Eset ) -- C:\Programme\ESET\nod32kui.exe
PRC - [2006.06.22 20:28:46 | 002,334,720 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.exe
PRC - [2006.06.22 09:34:14 | 002,478,080 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.bin
PRC - [2005.09.23 23:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2005.04.21 15:11:18 | 000,328,704 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\AnyDVD.exe
PRC - [2004.08.11 13:22:52 | 000,065,588 | ---- | M] (SafeNet) -- C:\Programme\Juniper\NetScreen-Remote\SafeCfg.exe
PRC - [2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.10.07 06:44:12 | 000,561,152 | ---- | M] (Nokia Mobile Phones Ltd.) -- C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe
PRC - [2003.09.25 12:41:18 | 000,102,400 | ---- | M] (Nokia Corp.) -- C:\Programme\Gemeinsame Dateien\Nokia\Services\ServiceLayer.exe
PRC - [2003.09.03 11:36:00 | 000,253,952 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\CPLBY31.EXE
PRC - [2003.08.05 13:59:54 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2003.05.16 17:09:34 | 000,509,952 | ---- | M] (Acer) -- C:\Programme\Acer\Notebook Manager\almxptray.exe
PRC - [2003.05.15 01:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
PRC - [2003.04.24 16:51:36 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003.03.11 13:08:52 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
PRC - [2003.02.10 14:30:10 | 000,425,984 | ---- | M] (Nokia) -- C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe
PRC - [2003.01.09 00:05:12 | 000,073,728 | ---- | M] (MyComp) -- C:\Programme\CRW\shwicon.exe
PRC - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe
PRC - [2002.06.21 15:55:56 | 000,208,896 | ---- | M] (The Webshots Corporation) -- C:\Programme\Webshots\WebshotsTray.exe
PRC - [2002.06.03 11:38:12 | 000,049,152 | ---- | M] (ScanSoft, Inc) -- C:\Programme\ScanSoft\OmniPageSE\opware32.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.06.28 07:42:42 | 000,105,528 | ---- | M] () -- C:\Programme\ESET\nod32rui.dll
MOD - [2007.06.28 07:42:42 | 000,060,544 | ---- | M] () -- C:\Programme\ESET\nodshex.dll
MOD - [2007.06.28 07:42:42 | 000,060,472 | ---- | M] () -- C:\Programme\ESET\pr_emon.dll
MOD - [2007.06.28 07:42:42 | 000,052,280 | ---- | M] () -- C:\Programme\ESET\pr_upd.dll
MOD - [2007.06.28 07:42:42 | 000,052,280 | ---- | M] () -- C:\Programme\ESET\pr_imon.dll
MOD - [2007.06.28 07:42:42 | 000,019,512 | ---- | M] () -- C:\Programme\ESET\pr_dmon.dll
MOD - [2006.05.13 05:36:58 | 000,828,416 | ---- | M] () -- C:\Programme\OpenOffice.org 2.0\program\libxml2.dll
MOD - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe
MOD - [2001.04.16 16:39:02 | 000,037,808 | ---- | M] () -- C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
MOD - [1999.05.25 17:45:36 | 000,073,728 | ---- | M] () -- C:\Programme\WinRAR\rarext.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Unknown] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2007.06.28 07:42:40 | 000,552,064 | ---- | M] (Eset ) [Auto | Unknown] -- C:\Programme\ESET\nod32krn.exe -- (NOD32krn)
SRV - [2007.04.20 11:22:22 | 000,079,324 | ---- | M] (PostgreSQL Global Development Group) [Auto | Unknown] -- C:\Programme\WeatherProfessional\database\bin\pg_ctl.exe -- (pgsql-8.2)
SRV - [2006.10.17 11:47:16 | 000,230,944 | ---- | M] (Acronis) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005.03.17 11:40:48 | 000,118,784 | ---- | M] (Bytemobile, Inc.) [Auto | Unknown] -- C:\WINDOWS\system32\bmwebcfg.exe -- (bmwebcfg)
SRV - [2004.08.11 13:22:46 | 000,057,398 | ---- | M] (SafeNet) [Auto | Unknown] -- C:\Programme\Juniper\NetScreen-Remote\IPSecMon.exe -- (IPSECMON)
SRV - [2004.08.11 13:22:44 | 000,319,538 | ---- | M] (SafeNet) [Auto | Unknown] -- C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe -- (IreIKE)
SRV - [2004.08.04 00:57:40 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
SRV - [2002.08.01 11:22:40 | 000,065,536 | ---- | M] (HP) [On_Demand | Unknown] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] --  -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOKUME~1\SCHLEI~1.PHY\LOKALE~1\Temp\krdpdre.sys -- (krdpdre)
DRV - File not found [Kernel | System | Unknown] --  -- (i2omgmt)
DRV - File not found [Kernel | Boot | Unknown] -- System32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)
DRV - File not found [Kernel | System | Unknown] --  -- (Changer)
DRV - [2007.06.28 07:42:42 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2007.06.28 07:42:40 | 000,015,424 | ---- | M] () [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2007.05.18 20:37:00 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2007.02.23 04:29:02 | 000,028,160 | ---- | M] (F5 Networks) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\urvpndrv.sys -- (urvpndrv)
DRV - [2006.11.10 11:15:44 | 000,395,744 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2006.11.10 11:15:44 | 000,039,264 | ---- | M] (Acronis) [File_System | Auto | Unknown] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2006.11.10 11:15:38 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2006.08.16 10:37:30 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2006.05.18 08:48:50 | 000,047,249 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2005.12.15 08:41:22 | 000,010,256 | ---- | M] (F5 Networks) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2005.11.06 14:17:10 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2005.06.29 18:21:24 | 000,019,328 | R--- | M] (WideView Technology Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\DTV_Loader_2X1.sys -- (DTV_Loader_2X1)
DRV - [2005.04.21 15:06:06 | 000,019,328 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2004.10.07 15:37:16 | 000,185,344 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RTL8180.sys -- (rtl8180)
DRV - [2004.09.06 21:40:04 | 000,018,432 | R--- | M] (Computer & Entertainment, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\DTV_Capture_2X0.sys -- (DTV_Capture_2X0)
DRV - [2004.08.11 12:01:40 | 000,119,864 | ---- | M] (SafeNet) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\IpSecDrv.sys -- (IPSECDRV)
DRV - [2004.08.04 00:57:40 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
DRV - [2004.08.04 00:38:58 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.03 23:07:46 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004.07.30 13:20:58 | 000,521,786 | ---- | M] (SafeNet) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\Crypto.sys -- (Crypto)
DRV - [2003.11.19 15:41:18 | 001,205,292 | ---- | M] (Agere Systems) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.11.18 12:01:34 | 000,062,673 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2003.09.05 14:35:02 | 000,139,604 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2003.08.07 22:15:06 | 000,404,608 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.08.05 14:51:10 | 000,460,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003.07.10 12:17:18 | 000,006,431 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\acernbm.sys -- (acernbm)
DRV - [2003.07.01 01:53:00 | 000,013,174 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\atisgkaf.SYS -- (caboagp)
DRV - [2003.06.19 14:41:00 | 000,064,512 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003.06.03 15:18:58 | 000,039,996 | ---- | M] (SMC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2003.04.09 04:24:40 | 000,051,208 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2003.03.12 09:34:00 | 000,030,171 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2003.02.21 11:26:54 | 000,144,480 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2003.02.21 11:25:16 | 000,022,119 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2003.02.21 11:24:56 | 000,222,164 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2003.02.21 11:23:14 | 001,149,978 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2001.12.14 16:26:06 | 000,036,188 | ---- | M] (Deterministic Networks Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\vap.sys -- (DniVap)
DRV - [2001.08.17 14:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [1997.12.23 03:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://global.acer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Programme\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.04.13 09:45:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.04.13 09:45:24 | 000,000,000 | ---D | M]
 
[2008.01.13 18:44:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\Mozilla\Firefox\Profiles\5wytbwa7.default\extensions
[2006.04.13 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2007.02.25 13:25:32 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Programme\Mozilla Firefox\extensions\inspector@mozilla.org
[2007.08.09 10:41:52 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007.02.25 13:25:32 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2007.08.02 08:14:58 | 000,066,408 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jar50.dll
[2007.08.02 08:14:58 | 000,054,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jsd3250.dll
[2007.08.02 08:15:00 | 000,034,688 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\myspell.dll
[2007.08.02 08:15:00 | 000,046,456 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\spellchk.dll
[2007.08.02 08:15:00 | 000,171,880 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\xpinstal.dll
[2007.02.22 19:19:00 | 000,165,248 | ---- | M] (F5 Networks) -- C:\Programme\mozilla firefox\plugins\NPuroamHost.dll
[2006.08.24 22:07:50 | 000,001,525 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006.08.24 22:07:50 | 000,001,063 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2006.11.10 12:42:00 | 000,000,998 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.10 23:32:04 | 000,000,815 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2007.09.02 14:53:04 | 000,000,897 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 10.20.240.11        sql_mu
O1 - Hosts: 10.20.240.11        msgs110i.physical.de
O1 - Hosts: 10.20.50.100        SMB_PRI1
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [AcerNotebookManager] C:\Programme\Acer\Notebook Manager\almxptray.exe (Acer)
O4 - HKLM..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [DataLayer] C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe (HP)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\CPLBY31.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [nod32kui] C:\Programme\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [Nokia Tray Application] C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe (Nokia)
O4 - HKLM..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [ShowIcon_Chander_CRW Series Driver v1.17r019] C:\Programme\CRW\shwicon.exe -t"Chander\CRW Series Driver v1.17r019" File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [windows auto update]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NetScreen-Remote.lnk = C:\Programme\Juniper\NetScreen-Remote\SafeCfg.exe (SafeNet)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\p6_19_erinnerung.lnk = C:\Programme\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\kinder\Startmenü\Programme\Autostart\OpenOffice.org 2.0.lnk = C:\Programme\OpenOffice.org 2.0\program\quickstart.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\kinder\Startmenü\Programme\Autostart\Webshots.lnk = C:\Programme\Webshots\WebshotsTray.exe (The Webshots Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\imon.dll (Eset )
O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://vpn.msg.de/vdesk/terminal/urxvpn.cab#version=6010,2007,0223,0327 (F5 Networks VPN Manager)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} hxxp://www.webshots.com/samplers/WSDownloader.ocx (WSDownloader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139402952203 (WUWebControl Class)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://vpn.msg.de/vdesk/terminal/urTermProxy.cab#version=6010,2007,0223,0314 (F5 Networks SSLTunnel)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37917.4102893519 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://vpn.msg.de/vdesk/terminal/urxshost.cab#version=6010,2007,0223,0320 (F5 Networks SuperHost Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://vpn.msg.de/vdesk/terminal/urxhost.cab#version=6010,2007,0223,0312 (F5 Networks Host Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = physical.de
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ckpNotify: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O22 - SharedTaskScheduler: {ab340860-fd81-4a65-b345-82eb77a66b5e} - featherweed - C:\WINDOWS\system32\jbtazy.dll File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\kinder\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\kinder\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.10 20:54:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.01.06 17:33:48 | 000,000,000 | -HSD | C] -- C:\FOUND.012
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.14 19:47:34 | 004,410,054 | ---- | M] () -- C:\WINDOWS\WebshotsForKinder.bmp
[2013.01.14 19:46:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.14 19:46:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.14 19:45:58 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.07 20:11:42 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\kinder\defogger_reenable
 
========== Files Created - No Company Name ==========
 
[2013.01.10 20:59:39 | 535,875,584 | -HS- | C] () -- C:\hiberfil.sys
[2013.01.07 20:11:40 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\kinder\defogger_reenable
[2006.02.09 14:39:27 | 000,002,412 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2005.05.26 03:17:16 | 000,110,657 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\UninstallDrv.exe
 
========== ZeroAccess Check ==========
 
[2005.10.30 21:46:46 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2006.10.23 16:18:00 | 001,494,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2004.08.04 00:57:20 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2004.08.04 00:57:38 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

--- --- ---


This is in Extras.txt:
OTL Logfile:
Code:

OTL Extras logfile created on: 14.01.2013 19:49:30 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = F:\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,98 Mb Total Physical Memory | 182,58 Mb Available Physical Memory | 35,73% Memory free
1,22 Gb Paging File | 0,90 Gb Available in Paging File | 73,78% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,70 Gb Total Space | 26,26 Gb Free Space | 38,23% Space Free | Partition Type: FAT32
Drive D: | 24,41 Gb Total Space | 15,73 Gb Free Space | 64,43% Space Free | Partition Type: FAT32
Drive F: | 1,86 Gb Total Space | 1,69 Gb Free Space | 90,51% Space Free | Partition Type: FAT
 
Computer Name: ACERMDS | User Name: kinder | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"5432:TCP" = 5432:TCP:*:Enabled:WeatherProfessional
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5432:TCP" = 5432:TCP:*:Enabled:WeatherProfessional
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe" = C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe" = C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe" = C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\Vpn.exe" = C:\Programme\Juniper\NetScreen-Remote\Vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager -- (SafeNet)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Spiele\Need For Speed6\NFSHP2.EXE" = C:\Spiele\Need For Speed6\NFSHP2.EXE:*:Enabled:NFSHP2 -- ()
"C:\Programme\Microsoft ActiveSync\WCESMGR.EXE" = C:\Programme\Microsoft ActiveSync\WCESMGR.EXE:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\totalcmd\TOTALCMD.EXE" = C:\Programme\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Programme\Internet Explorer\IEXPLORE.EXE" = C:\Programme\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Programme\mybooxx\Fotobuch\mybooxx.exe" = C:\Programme\mybooxx\Fotobuch\mybooxx.exe:*:mybooxx.exe -- ()
"C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe" = C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe" = C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe" = C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\Vpn.exe" = C:\Programme\Juniper\NetScreen-Remote\Vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager -- (SafeNet)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{0049F6AE-4FE2-4C43-A039-60FCE98A1986}" = Opera 9.01
"{03C1AFCE-94E5-475B-8BA3-607C4B6F4670}" = FW CURE
"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5
"{053A7E07-3D44-4CDB-B79C-EE8755BFD7D6}" = Class_50_Content_Update
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0F51A262-1ADF-4914-B448-78AC58C4178A}" = WIDCOMM Bluetooth Software
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CE59656-4104-44AA-00BF-D2546C7EA497}" = Tiger Woods PGA TOUR 06
"{1F701DBD-1660-4108-B10A-FB435EA63BF0}" = PostgreSQL 8.2
"{2F931B84-0CEE-11D1-AA7D-0080AD1AC47A}" = NetScreen-Remote
"{31671B31-682F-499E-00B9-7AD7D33C9E4F}" = Need For Speed Hot Pursuit 2
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{33D6723B-DE6B-4E86-A6BC-CD1F3E42DD26}" = OpenOffice.org 2.0
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39AE0413-CEFC-4559-AC5F-855A1C006D2F}" = CRW Series Driver v1.17r019
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{471A9640-39F8-11D5-A07F-005004F915E3}" = Microsoft Games Pocket Pak for Pocket PC
"{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}" = Carcassonne
"{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = Drive Image
"{6249C22D-E6A8-407B-BA8B-40298848ED94}" = OmniPage SE
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{65D70656-D248-4C83-B594-E3029C43B37A}" = phase6_19
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6991C042-73DB-11D6-A2F9-00105AF81F08}" = Der kleine Professor
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{77EDEF61-D63C-4441-9BEC-1874CE56FF6E}" = WeatherProfessional
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7FB70A9B-6591-42EB-BD84-6F9C55368E06}" = LEGO Creator Harry Potter
"{8AC3A65A-03B0-428A-A216-075687AA0F3F}" = Carcassonne Add-On
"{8C2FA1ED-8248-42DF-A78A-48D40133129E}" = Acer Notebook Manager
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8CDC6712-AF80-459E-911F-F1E156CB0AB0}" = hp deskjet 5600
"{911A0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Outlook 2002
"{9D53CC39-7680-40D9-BC31-80AEC9B18C74}" = Nokia PC Suite 5.62
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1031-7B44-A70500000002}" = Adobe Reader 7.0.5 - Deutsch
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{C186B723-E9E3-4AB1-BC5F-DD8A0FC8DD34}" = NAVIGON MobileNavigator|4
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD &  DVD-Maker
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE65A3B9-08C3-4A2F-B2CB-8EAC3F17F440}" = ATI-Treiber
"{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = Die Sims™ 2 Party-Accessoires
"{EAF5E394-BC2B-42D3-9A94-E0AD66851922}" = Vodafone Mobile Connect
"{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503
"{F455665A-A82D-485F-9E1E-7D6CDCEC338E}" = Wireless Manager
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"3D Traumhaus Designer 7 Pro_is1" = DATA BECKER 3D Traumhaus Designer 7 Pro
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2006
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AmoK DateWizard" = AmoK DateWizard 1.1b
"AnyDVD" = AnyDVD
"ATI Display Driver" = ATI Display Driver
"AutoSketch v6.0" = AutoSketch v6.0
"Diercke Globus" = Diercke Globus
"DTV_1.0" = DVB-T USB 2.0
"Eisenbahn.exe Professional 4.0" = Eisenbahn.exe Professional 4.0
"FileSync" = FileSync
"FlowFact" = FlowFact
"FTDICOMM" = USB Serial Converter Drivers
"German Railroads - DB 232" = German Railroads - DB 232
"German Railroads - Vol 1 - Biggetal" = German Railroads - Vol 1 - Biggetal
"German Railroads - Vol 2 - Rollbahn" = German Railroads - Vol 2 - Rollbahn
"GSpot" = GSpot Codec Information Appliance
"hp LaserJet 2300 Uninstaller" = hp LaserJet 2300-Deinstallationsprogramm
"hp print screen utility" = hp print screen utility
"Indeo® Software" = Indeo® Software
"InstallShield_{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = PowerQuest Drive Image 2002
"InstallShield_{9D53CC39-7680-40D9-BC31-80AEC9B18C74}" = Nokia PC Suite 5.62
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker 6.5 Gold
"InterActual Player" = InterActual Player
"iPhoto Plus 4" = iPhoto Plus 4
"KONICA MINOLTA magicolor 5430DL" = KONICA MINOLTA magicolor 5430DL
"LManager" = Launch Manager
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (2.0.0.6)" = Mozilla Firefox (2.0.0.6)
"mybooxx_is1" = mybooxx
"NASA World Wind 1.3" = NASA World Wind 1.3
"Network Print Monitor" = Network Print Monitor for Windows 2000/XP/2003
"NOD32" = NOD32 Antivirus System
"ODBC" = ODBC
"Organizer V97.1" = Lotus Organizer 97 GS
"PocketPlus" = PocketPlus
"PocketPlus_German" = PocketPlus_German
"PowerDVD" = PowerDVD
"ProTrain 3.1 3.1" = ProTrain 3.1 3.1
"ProTrain Rheintal 1.0" = ProTrain Rheintal 1.0
"ProTrain Tauernbahn 1.0" = ProTrain Tauernbahn 1.0
"Public Messenger ver 2.03" = Public Messenger ver 2.03
"QuickTime" = QuickTime
"Schiffsim" = Schiffsim 2006
"ShipSim2008" = Schiff-Simulator 2008
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ThumbsPlus2000" = ThumbsPlus 2000-R
"Totalcmd" = Total Commander (Remove or Repair)
"Train Simulator 1.0" = Microsoft Train Simulator
"TravelMate540screen" = TravelMate540screen
"TreeSize Professional 2.4" = TreeSize Professional 2.4
"WeatherProfessional" = WeatherProfessional
"WEBPlotterX" = WEBPlotter ActiveX
"Webshots" = Webshots!
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinPhlash" = WinPhlash
"WinRAR archiver" = WinRAR Archivierer
"ZoomPlayer" = Zoom Player (remove only)
 
========== Last 20 Event Log Errors ==========
 
Error: Unable to start EventLog service!
 
< End of report >

--- --- ---

M-K-D-B 14.01.2013 18:12

Hello,

why are you running OTL from drive F:\ and not from the desktop???

Since ComboFix does not run, we will do the following:

Step 1
Download the tool Avenger and save it to the desktop:

http://larusso.trojaner-board.de/Images/avenger.jpg
  1. Now copy the following text into the white box (at -> "input script here")
    Code:

    Drivers to disable:
    krdpdre

    Drivers to delete:
    krdpdre

    Registry values to delete:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run | windows auto update
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler | {ab340860-fd81-4a65-b345-82eb77a66b5e}

  2. Tick the box Automatically disable any rootkits found
  3. Close all running programs. Disconnect from the Internet.
  4. Start Avenger by clicking Execute
  5. Confirm the restart of the computer with Yes.
  6. After the system has restarted, you will find a report from Avenger here -> C:\avenger.txt
    Post the contents of Avenger.txt in your next reply

Step 2

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:

:Commands
[emptytemp]

  • If you have obscured your user name, e.g. with "*****", insert your real user name at the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (Also to be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy the contents here into your thread

Step 3
Please start OTL.exe and press the Quick Scan button.
Post the OTL.txt here in your thread.

Are there still problems with the BKA Trojan?

Please post with your next reply
  • the log file from The Avenger,
  • the log file of the OTL fix,
  • the new log file from OTL,
  • the answer to the question asked.
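
The Avenger script above targets the driver service krdpdre, which the OTL log posted in this thread lists with an image path inside a user's Temp folder. As an added example (not part of the original post, and not OTL's or Avenger's own code), this Python script triages OTL `DRV` lines by that criterion; the verdict names and path heuristics are assumptions of the example, and the sample lines are copied from the log on this page.

```python
"""Triage the DRV (driver service) lines of an OTL log by image path."""
import re
from typing import List, NamedTuple, Tuple

# Sample input: lines copied from the DRV section of the OTL log in this thread.
SAMPLE_LOG = r"""
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOKUME~1\SCHLEI~1.PHY\LOKALE~1\Temp\krdpdre.sys -- (krdpdre)
DRV - File not found [Kernel | Boot | Unknown] -- System32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)
DRV - [2007.06.28 07:42:42 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2003.07.10 12:17:18 | 000,006,431 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\acernbm.sys -- (acernbm)
"""

# Two line shapes: "File not found [...]" or "[date | size | attrs | M] (company) [...]".
DRV_RE = re.compile(
    r"^DRV - (?:File not found|\[(?P<meta>[^\]]*)\] \((?P<company>[^)]*)\))"
    r" \[(?P<type>[^|\]]+)\|(?P<start>[^|\]]+)\|(?P<state>[^\]]+)\]"
    r" -- (?P<path>.*?) -- \((?P<name>[^)]+)\)$"
)

# Heuristics (assumptions of this example): a kernel driver has no business
# loading from a temp directory or from inside a user profile. 8.3 short
# names such as DOKUME~1 are matched as well as the long forms.
TEMP_COMPONENT = re.compile(r"(?:^|\\)(?:temp|tmp)\\", re.IGNORECASE)
PROFILE_ROOT = re.compile(
    r"^[a-z]:\\(?:dokume~1|dokumente und einstellungen|docume~1"
    r"|documents and settings|users)\\",
    re.IGNORECASE,
)


class Driver(NamedTuple):
    name: str
    path: str
    start: str
    file_found: bool
    verdict: str            # "suspicious", "orphan" or "ok"
    reasons: Tuple[str, ...]


def classify(path: str, file_found: bool) -> Tuple[str, Tuple[str, ...]]:
    """Return (verdict, reasons) for one driver service entry."""
    reasons = []
    if TEMP_COMPONENT.search(path):
        reasons.append("image path is in a temp directory")
    if PROFILE_ROOT.search(path):
        reasons.append("image path is inside a user profile")
    if reasons:
        # Flagged even when the file is already gone: the service key remains.
        return "suspicious", tuple(reasons)
    if not file_found:
        return "orphan", ("service registered but image file missing",)
    return "ok", ()


def parse_drv_lines(log_text: str) -> List[Driver]:
    """Parse every DRV line in log_text; other lines are ignored."""
    drivers = []
    for raw in log_text.splitlines():
        m = DRV_RE.match(raw.strip())
        if not m:
            continue
        path = m.group("path").strip()
        file_found = m.group("meta") is not None
        verdict, reasons = classify(path, file_found)
        drivers.append(Driver(m.group("name"), path, m.group("start").strip(),
                              file_found, verdict, reasons))
    return drivers


def names_by_verdict(drivers: List[Driver], verdict: str) -> List[str]:
    return [d.name for d in drivers if d.verdict == verdict]


if __name__ == "__main__":
    for d in parse_drv_lines(SAMPLE_LOG):
        print(f"{d.verdict:10} {d.name:10} {d.path or '<no path>'}  {'; '.join(d.reasons)}")
```

Entries reported as orphan are usually leftovers of uninstalled software; only the suspicious ones match the pattern the removal script goes after.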

mersch2332 14.01.2013 18:30

Damn, I forgot that. Is that bad??

One more question:
Do I have to run all of this in safe mode, or can I run it normally, since I can access the desktop again and the Trojan has not shown up again so far?? - I have not been on the Internet yet, though, in case that is somehow connected.

M-K-D-B 14.01.2013 19:31

Hello,

please carry out the steps in normal mode. :)

mersch2332 17.01.2013 17:00

When I press Execute in Avenger, after the message where I press "j", the following message appears:

Error: Could not open RunOnce key to register cleanup.
Aborting execution! (error 0: der Vorgang wurde erfolgreich beendet.)

M-K-D-B 17.01.2013 17:08

Hello,

we can only clean your computer with difficulty if we do not have administrator rights.

Is there perhaps some way after all for you to get the password (asking someone, guessing, etc.)?

Otherwise, reinstalling would be a good idea.

mersch2332 17.01.2013 17:14

I would have to look, but OTL found something; I'll write it to you right away, as well as the OTL quick scan.

The following is in the OTL fix:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
Unable to create HKLM\Software\OldTimer Tools\OTL key.
->Temporary Internet Files folder emptied: 33170 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: schleim
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: schleim.PHYSICAL
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: richteu
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: sqlservice
Unable to create HKLM\Software\OldTimer Tools\OTL key.
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: kinder
->Temp folder emptied: 194228 bytes
Unable to create HKLM\Software\OldTimer Tools\OTL key.
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01172013_191119


The following is in OTL.txt from the quick scan: OTL Logfile:
Code:

OTL logfile created on: 17.01.2013 19:18:02 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\kinder\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,98 Mb Total Physical Memory | 182,03 Mb Available Physical Memory | 35,62% Memory free
1,22 Gb Paging File | 0,90 Gb Available in Paging File | 73,78% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,70 Gb Total Space | 26,26 Gb Free Space | 38,22% Space Free | Partition Type: FAT32
Drive D: | 24,41 Gb Total Space | 15,73 Gb Free Space | 64,43% Space Free | Partition Type: FAT32
Drive F: | 1,86 Gb Total Space | 1,68 Gb Free Space | 90,46% Space Free | Partition Type: FAT
 
Computer Name: ACERMDS | User Name: kinder | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.07 17:34:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\kinder\Desktop\OTL.exe
PRC - [2007.06.28 07:42:40 | 000,949,376 | ---- | M] (Eset ) -- C:\Programme\ESET\nod32kui.exe
PRC - [2006.06.22 20:28:46 | 002,334,720 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.exe
PRC - [2006.06.22 09:34:14 | 002,478,080 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.bin
PRC - [2005.09.23 23:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2005.04.21 15:11:18 | 000,328,704 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\AnyDVD.exe
PRC - [2004.08.11 13:22:52 | 000,065,588 | ---- | M] (SafeNet) -- C:\Programme\Juniper\NetScreen-Remote\SafeCfg.exe
PRC - [2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.10.07 06:44:12 | 000,561,152 | ---- | M] (Nokia Mobile Phones Ltd.) -- C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe
PRC - [2003.09.25 12:41:18 | 000,102,400 | ---- | M] (Nokia Corp.) -- C:\Programme\Gemeinsame Dateien\Nokia\Services\ServiceLayer.exe
PRC - [2003.09.03 11:36:00 | 000,253,952 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\CPLBY31.EXE
PRC - [2003.08.05 13:59:54 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2003.05.16 17:09:34 | 000,509,952 | ---- | M] (Acer) -- C:\Programme\Acer\Notebook Manager\almxptray.exe
PRC - [2003.05.15 01:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
PRC - [2003.04.24 16:51:36 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003.03.11 13:08:52 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
PRC - [2003.02.10 14:30:10 | 000,425,984 | ---- | M] (Nokia) -- C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe
PRC - [2003.01.09 00:05:12 | 000,073,728 | ---- | M] (MyComp) -- C:\Programme\CRW\shwicon.exe
PRC - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe
PRC - [2002.06.21 15:55:56 | 000,208,896 | ---- | M] (The Webshots Corporation) -- C:\Programme\Webshots\WebshotsTray.exe
PRC - [2002.06.03 11:38:12 | 000,049,152 | ---- | M] (ScanSoft, Inc) -- C:\Programme\ScanSoft\OmniPageSE\opware32.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.06.28 07:42:42 | 000,105,528 | ---- | M] () -- C:\Programme\ESET\nod32rui.dll
MOD - [2007.06.28 07:42:42 | 000,060,544 | ---- | M] () -- C:\Programme\ESET\nodshex.dll
MOD - [2007.06.28 07:42:42 | 000,060,472 | ---- | M] () -- C:\Programme\ESET\pr_emon.dll
MOD - [2007.06.28 07:42:42 | 000,052,280 | ---- | M] () -- C:\Programme\ESET\pr_upd.dll
MOD - [2007.06.28 07:42:42 | 000,052,280 | ---- | M] () -- C:\Programme\ESET\pr_imon.dll
MOD - [2007.06.28 07:42:42 | 000,019,512 | ---- | M] () -- C:\Programme\ESET\pr_dmon.dll
MOD - [2006.05.13 05:36:58 | 000,828,416 | ---- | M] () -- C:\Programme\OpenOffice.org 2.0\program\libxml2.dll
MOD - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe
MOD - [1999.05.25 17:45:36 | 000,073,728 | ---- | M] () -- C:\Programme\WinRAR\rarext.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Unknown] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2007.06.28 07:42:40 | 000,552,064 | ---- | M] (Eset ) [Auto | Unknown] -- C:\Programme\ESET\nod32krn.exe -- (NOD32krn)
SRV - [2007.04.20 11:22:22 | 000,079,324 | ---- | M] (PostgreSQL Global Development Group) [Auto | Unknown] -- C:\Programme\WeatherProfessional\database\bin\pg_ctl.exe -- (pgsql-8.2)
SRV - [2006.10.17 11:47:16 | 000,230,944 | ---- | M] (Acronis) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005.03.17 11:40:48 | 000,118,784 | ---- | M] (Bytemobile, Inc.) [Auto | Unknown] -- C:\WINDOWS\system32\bmwebcfg.exe -- (bmwebcfg)
SRV - [2004.08.11 13:22:46 | 000,057,398 | ---- | M] (SafeNet) [Auto | Unknown] -- C:\Programme\Juniper\NetScreen-Remote\IPSecMon.exe -- (IPSECMON)
SRV - [2004.08.11 13:22:44 | 000,319,538 | ---- | M] (SafeNet) [Auto | Unknown] -- C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe -- (IreIKE)
SRV - [2004.08.04 00:57:40 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
SRV - [2002.08.01 11:22:40 | 000,065,536 | ---- | M] (HP) [On_Demand | Unknown] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] --  -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOKUME~1\SCHLEI~1.PHY\LOKALE~1\Temp\krdpdre.sys -- (krdpdre)
DRV - File not found [Kernel | System | Unknown] --  -- (i2omgmt)
DRV - File not found [Kernel | Boot | Unknown] -- System32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)
DRV - File not found [Kernel | System | Unknown] --  -- (Changer)
DRV - [2007.06.28 07:42:42 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2007.06.28 07:42:40 | 000,015,424 | ---- | M] () [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2007.05.18 20:37:00 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2007.02.23 04:29:02 | 000,028,160 | ---- | M] (F5 Networks) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\urvpndrv.sys -- (urvpndrv)
DRV - [2006.11.10 11:15:44 | 000,395,744 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2006.11.10 11:15:44 | 000,039,264 | ---- | M] (Acronis) [File_System | Auto | Unknown] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2006.11.10 11:15:38 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2006.08.16 10:37:30 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2006.05.18 08:48:50 | 000,047,249 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2005.12.15 08:41:22 | 000,010,256 | ---- | M] (F5 Networks) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2005.11.06 14:17:10 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2005.06.29 18:21:24 | 000,019,328 | R--- | M] (WideView Technology Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\DTV_Loader_2X1.sys -- (DTV_Loader_2X1)
DRV - [2005.04.21 15:06:06 | 000,019,328 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2004.10.07 15:37:16 | 000,185,344 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RTL8180.sys -- (rtl8180)
DRV - [2004.09.06 21:40:04 | 000,018,432 | R--- | M] (Computer & Entertainment, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\DTV_Capture_2X0.sys -- (DTV_Capture_2X0)
DRV - [2004.08.11 12:01:40 | 000,119,864 | ---- | M] (SafeNet) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\IpSecDrv.sys -- (IPSECDRV)
DRV - [2004.08.04 00:57:40 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
DRV - [2004.08.04 00:38:58 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.03 23:07:46 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004.07.30 13:20:58 | 000,521,786 | ---- | M] (SafeNet) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\Crypto.sys -- (Crypto)
DRV - [2003.11.19 15:41:18 | 001,205,292 | ---- | M] (Agere Systems) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.11.18 12:01:34 | 000,062,673 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2003.09.05 14:35:02 | 000,139,604 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2003.08.07 22:15:06 | 000,404,608 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.08.05 14:51:10 | 000,460,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003.07.10 12:17:18 | 000,006,431 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\acernbm.sys -- (acernbm)
DRV - [2003.07.01 01:53:00 | 000,013,174 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\atisgkaf.SYS -- (caboagp)
DRV - [2003.06.19 14:41:00 | 000,064,512 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003.06.03 15:18:58 | 000,039,996 | ---- | M] (SMC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2003.04.09 04:24:40 | 000,051,208 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2003.03.12 09:34:00 | 000,030,171 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2003.02.21 11:26:54 | 000,144,480 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2003.02.21 11:25:16 | 000,022,119 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2003.02.21 11:24:56 | 000,222,164 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2003.02.21 11:23:14 | 001,149,978 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2001.12.14 16:26:06 | 000,036,188 | ---- | M] (Deterministic Networks Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\vap.sys -- (DniVap)
DRV - [2001.08.17 14:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [1997.12.23 03:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://global.acer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Programme\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.04.13 09:45:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.04.13 09:45:24 | 000,000,000 | ---D | M]
 
[2008.01.13 18:44:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\Mozilla\Firefox\Profiles\5wytbwa7.default\extensions
[2006.04.13 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2007.02.25 13:25:32 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Programme\Mozilla Firefox\extensions\inspector@mozilla.org
[2007.08.09 10:41:52 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007.02.25 13:25:32 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2007.08.02 08:14:58 | 000,066,408 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jar50.dll
[2007.08.02 08:14:58 | 000,054,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jsd3250.dll
[2007.08.02 08:15:00 | 000,034,688 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\myspell.dll
[2007.08.02 08:15:00 | 000,046,456 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\spellchk.dll
[2007.08.02 08:15:00 | 000,171,880 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\xpinstal.dll
[2007.02.22 19:19:00 | 000,165,248 | ---- | M] (F5 Networks) -- C:\Programme\mozilla firefox\plugins\NPuroamHost.dll
[2006.08.24 22:07:50 | 000,001,525 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006.08.24 22:07:50 | 000,001,063 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2006.11.10 12:42:00 | 000,000,998 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.10 23:32:04 | 000,000,815 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2007.09.02 14:53:04 | 000,000,897 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 10.20.240.11        sql_mu
O1 - Hosts: 10.20.240.11        msgs110i.physical.de
O1 - Hosts: 10.20.50.100        SMB_PRI1
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [AcerNotebookManager] C:\Programme\Acer\Notebook Manager\almxptray.exe (Acer)
O4 - HKLM..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [DataLayer] C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe (HP)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\CPLBY31.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [nod32kui] C:\Programme\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [Nokia Tray Application] C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe (Nokia)
O4 - HKLM..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [ShowIcon_Chander_CRW Series Driver v1.17r019] C:\Programme\CRW\shwicon.exe -t"Chander\CRW Series Driver v1.17r019" File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [windows auto update]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NetScreen-Remote.lnk = C:\Programme\Juniper\NetScreen-Remote\SafeCfg.exe (SafeNet)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\p6_19_erinnerung.lnk = C:\Programme\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\kinder\Startmenü\Programme\Autostart\OpenOffice.org 2.0.lnk = C:\Programme\OpenOffice.org 2.0\program\quickstart.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\kinder\Startmenü\Programme\Autostart\Webshots.lnk = C:\Programme\Webshots\WebshotsTray.exe (The Webshots Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\imon.dll (Eset )
O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://vpn.msg.de/vdesk/terminal/urxvpn.cab#version=6010,2007,0223,0327 (F5 Networks VPN Manager)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} hxxp://www.webshots.com/samplers/WSDownloader.ocx (WSDownloader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139402952203 (WUWebControl Class)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://vpn.msg.de/vdesk/terminal/urTermProxy.cab#version=6010,2007,0223,0314 (F5 Networks SSLTunnel)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37917.4102893519 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://vpn.msg.de/vdesk/terminal/urxshost.cab#version=6010,2007,0223,0320 (F5 Networks SuperHost Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://vpn.msg.de/vdesk/terminal/urxhost.cab#version=6010,2007,0223,0312 (F5 Networks Host Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = physical.de
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ckpNotify: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O22 - SharedTaskScheduler: {ab340860-fd81-4a65-b345-82eb77a66b5e} - featherweed - C:\WINDOWS\system32\jbtazy.dll File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\kinder\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\kinder\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.17 19:04:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\kinder\Desktop\OTL.exe
[2013.01.10 20:54:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.01.06 17:33:48 | 000,000,000 | -HSD | C] -- C:\FOUND.012
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.17 19:14:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.17 19:14:52 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.17 18:59:10 | 004,410,054 | ---- | M] () -- C:\WINDOWS\WebshotsForKinder.bmp
[2013.01.17 18:53:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.17 16:53:14 | 000,731,136 | ---- | M] () -- C:\Dokumente und Einstellungen\kinder\Desktop\avenger.exe
[2013.01.07 20:11:42 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\kinder\defogger_reenable
[2013.01.07 17:34:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\kinder\Desktop\OTL.exe
 
========== Files Created - No Company Name ==========
 
[2013.01.17 19:04:42 | 000,731,136 | ---- | C] () -- C:\Dokumente und Einstellungen\kinder\Desktop\avenger.exe
[2013.01.10 20:59:39 | 535,875,584 | -HS- | C] () -- C:\hiberfil.sys
[2013.01.07 20:11:40 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\kinder\defogger_reenable
[2006.02.09 14:39:27 | 000,002,412 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2005.05.26 03:17:16 | 000,110,657 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\UninstallDrv.exe
 
========== ZeroAccess Check ==========
 
[2005.10.30 21:46:46 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2006.10.23 16:18:00 | 001,494,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2004.08.04 00:57:20 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2004.08.04 00:57:38 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2006.01.30 11:31:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanAppDataDir
[2006.01.30 11:31:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanWizard
[2006.10.02 17:10:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2006.11.10 11:19:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2007.12.16 22:15:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{62727C56-8352-4A6D-B7C7-D26378124ED0}
[2003.09.18 12:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\InterTrust
[2008.01.31 18:08:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\Diercke Globus
[2009.01.30 19:26:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\Wildlife Park 2
[2009.09.03 14:23:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\ProtectDisc
[2010.02.25 18:45:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\ScanSoft
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---


And this is what Extras.txt from the Quick Scan contains: OTL Logfile:
Code:

OTL Extras logfile created on: 17.01.2013 19:18:02 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\kinder\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,98 Mb Total Physical Memory | 182,03 Mb Available Physical Memory | 35,62% Memory free
1,22 Gb Paging File | 0,90 Gb Available in Paging File | 73,78% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,70 Gb Total Space | 26,26 Gb Free Space | 38,22% Space Free | Partition Type: FAT32
Drive D: | 24,41 Gb Total Space | 15,73 Gb Free Space | 64,43% Space Free | Partition Type: FAT32
Drive F: | 1,86 Gb Total Space | 1,68 Gb Free Space | 90,46% Space Free | Partition Type: FAT
 
Computer Name: ACERMDS | User Name: kinder | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"5432:TCP" = 5432:TCP:*:Enabled:WeatherProfessional
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5432:TCP" = 5432:TCP:*:Enabled:WeatherProfessional
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe" = C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe" = C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe" = C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\Vpn.exe" = C:\Programme\Juniper\NetScreen-Remote\Vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager -- (SafeNet)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Spiele\Need For Speed6\NFSHP2.EXE" = C:\Spiele\Need For Speed6\NFSHP2.EXE:*:Enabled:NFSHP2 -- ()
"C:\Programme\Microsoft ActiveSync\WCESMGR.EXE" = C:\Programme\Microsoft ActiveSync\WCESMGR.EXE:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\totalcmd\TOTALCMD.EXE" = C:\Programme\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Programme\Internet Explorer\IEXPLORE.EXE" = C:\Programme\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Programme\mybooxx\Fotobuch\mybooxx.exe" = C:\Programme\mybooxx\Fotobuch\mybooxx.exe:*:mybooxx.exe -- ()
"C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe" = C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe" = C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe" = C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\Vpn.exe" = C:\Programme\Juniper\NetScreen-Remote\Vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager -- (SafeNet)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{0049F6AE-4FE2-4C43-A039-60FCE98A1986}" = Opera 9.01
"{03C1AFCE-94E5-475B-8BA3-607C4B6F4670}" = FW CURE
"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5
"{053A7E07-3D44-4CDB-B79C-EE8755BFD7D6}" = Class_50_Content_Update
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0F51A262-1ADF-4914-B448-78AC58C4178A}" = WIDCOMM Bluetooth Software
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CE59656-4104-44AA-00BF-D2546C7EA497}" = Tiger Woods PGA TOUR 06
"{1F701DBD-1660-4108-B10A-FB435EA63BF0}" = PostgreSQL 8.2
"{2F931B84-0CEE-11D1-AA7D-0080AD1AC47A}" = NetScreen-Remote
"{31671B31-682F-499E-00B9-7AD7D33C9E4F}" = Need For Speed Hot Pursuit 2
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{33D6723B-DE6B-4E86-A6BC-CD1F3E42DD26}" = OpenOffice.org 2.0
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39AE0413-CEFC-4559-AC5F-855A1C006D2F}" = CRW Series Driver v1.17r019
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{471A9640-39F8-11D5-A07F-005004F915E3}" = Microsoft Games Pocket Pak for Pocket PC
"{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}" = Carcassonne
"{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = Drive Image
"{6249C22D-E6A8-407B-BA8B-40298848ED94}" = OmniPage SE
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{65D70656-D248-4C83-B594-E3029C43B37A}" = phase6_19
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6991C042-73DB-11D6-A2F9-00105AF81F08}" = Der kleine Professor
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{77EDEF61-D63C-4441-9BEC-1874CE56FF6E}" = WeatherProfessional
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7FB70A9B-6591-42EB-BD84-6F9C55368E06}" = LEGO Creator Harry Potter
"{8AC3A65A-03B0-428A-A216-075687AA0F3F}" = Carcassonne Add-On
"{8C2FA1ED-8248-42DF-A78A-48D40133129E}" = Acer Notebook Manager
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8CDC6712-AF80-459E-911F-F1E156CB0AB0}" = hp deskjet 5600
"{911A0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Outlook 2002
"{9D53CC39-7680-40D9-BC31-80AEC9B18C74}" = Nokia PC Suite 5.62
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1031-7B44-A70500000002}" = Adobe Reader 7.0.5 - Deutsch
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{C186B723-E9E3-4AB1-BC5F-DD8A0FC8DD34}" = NAVIGON MobileNavigator|4
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD &  DVD-Maker
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE65A3B9-08C3-4A2F-B2CB-8EAC3F17F440}" = ATI-Treiber
"{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = Die Sims™ 2 Party-Accessoires
"{EAF5E394-BC2B-42D3-9A94-E0AD66851922}" = Vodafone Mobile Connect
"{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503
"{F455665A-A82D-485F-9E1E-7D6CDCEC338E}" = Wireless Manager
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"3D Traumhaus Designer 7 Pro_is1" = DATA BECKER 3D Traumhaus Designer 7 Pro
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2006
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AmoK DateWizard" = AmoK DateWizard 1.1b
"AnyDVD" = AnyDVD
"ATI Display Driver" = ATI Display Driver
"AutoSketch v6.0" = AutoSketch v6.0
"Diercke Globus" = Diercke Globus
"DTV_1.0" = DVB-T USB 2.0
"Eisenbahn.exe Professional 4.0" = Eisenbahn.exe Professional 4.0
"FileSync" = FileSync
"FlowFact" = FlowFact
"FTDICOMM" = USB Serial Converter Drivers
"German Railroads - DB 232" = German Railroads - DB 232
"German Railroads - Vol 1 - Biggetal" = German Railroads - Vol 1 - Biggetal
"German Railroads - Vol 2 - Rollbahn" = German Railroads - Vol 2 - Rollbahn
"GSpot" = GSpot Codec Information Appliance
"hp LaserJet 2300 Uninstaller" = hp LaserJet 2300-Deinstallationsprogramm
"hp print screen utility" = hp print screen utility
"Indeo® Software" = Indeo® Software
"InstallShield_{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = PowerQuest Drive Image 2002
"InstallShield_{9D53CC39-7680-40D9-BC31-80AEC9B18C74}" = Nokia PC Suite 5.62
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker 6.5 Gold
"InterActual Player" = InterActual Player
"iPhoto Plus 4" = iPhoto Plus 4
"KONICA MINOLTA magicolor 5430DL" = KONICA MINOLTA magicolor 5430DL
"LManager" = Launch Manager
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (2.0.0.6)" = Mozilla Firefox (2.0.0.6)
"mybooxx_is1" = mybooxx
"NASA World Wind 1.3" = NASA World Wind 1.3
"Network Print Monitor" = Network Print Monitor for Windows 2000/XP/2003
"NOD32" = NOD32 Antivirus System
"ODBC" = ODBC
"Organizer V97.1" = Lotus Organizer 97 GS
"PocketPlus" = PocketPlus
"PocketPlus_German" = PocketPlus_German
"PowerDVD" = PowerDVD
"ProTrain 3.1 3.1" = ProTrain 3.1 3.1
"ProTrain Rheintal 1.0" = ProTrain Rheintal 1.0
"ProTrain Tauernbahn 1.0" = ProTrain Tauernbahn 1.0
"Public Messenger ver 2.03" = Public Messenger ver 2.03
"QuickTime" = QuickTime
"Schiffsim" = Schiffsim 2006
"ShipSim2008" = Schiff-Simulator 2008
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ThumbsPlus2000" = ThumbsPlus 2000-R
"Totalcmd" = Total Commander (Remove or Repair)
"Train Simulator 1.0" = Microsoft Train Simulator
"TravelMate540screen" = TravelMate540screen
"TreeSize Professional 2.4" = TreeSize Professional 2.4
"WeatherProfessional" = WeatherProfessional
"WEBPlotterX" = WEBPlotter ActiveX
"Webshots" = Webshots!
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinPhlash" = WinPhlash
"WinRAR archiver" = WinRAR Archivierer
"ZoomPlayer" = Zoom Player (remove only)
 
========== Last 20 Event Log Errors ==========
 
Error: Unable to start EventLog service!
 
< End of report >

--- --- ---

Do I still need to do anything else today, or can I shut the laptop down already??

M-K-D-B 17.01.2013 17:32

Hi,


we'll try the following:



Step 1
Start --> Run --> type in notepad --> OK

Now please copy the following text from the code box into the empty text document
Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"windows auto update"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{ab340860-fd81-4a65-b345-82eb77a66b5e}"=-

[-HKEY_CLASSES_ROOT\CLSID\{ab340860-fd81-4a65-b345-82eb77a66b5e}]

  • Now save it as regfix.reg
  • make sure that "All Files" ("Alle Dateien") is selected as the file type
  • now http://image.hijackthis.eu/upload/regfix_kl.jpg should appear on your desktop
  • Now double-click the file regfix.reg
  • Confirm with Yes, then press OK
  • Restart the computer
Here you will find an illustrated guide





Step 2
  • Click Start > Run
  • Copy the contents of the following code box into the command line:
    Code:

    sc stop krdpdre
  • Press Enter.
  • Copy the contents of the following code box into the command line:
    Code:

    sc delete krdpdre
  • Press Enter.





Step 3
Please start OTL.exe and press the Quick Scan button.
Post the OTL.txt here in your thread.





Please post with your next reply
  • the log file from OTL.
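
An added example, not part of the original thread and not OTL's or the helper's own code: a Python check that reads the deletions requested in regfix.reg and the service name given to `sc delete`, then reports whether a follow-up OTL log still lists them. The sample log lines are copied from the OTL log posted later in this thread; the function names and the mapping from registry key to OTL line prefix (O4, O22, DRV/SRV) are assumptions of this example.

```python
import re

# Assumption of this example: only the two autostart locations used in the
# thread's regfix.reg are mapped to the OTL line type that reports them.
OTL_PREFIX = {
    r"\currentversion\run": "O4",
    r"\explorer\sharedtaskscheduler": "O22",
}

# The .reg text from Step 1 of the post above.
REGFIX = r"""
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"windows auto update"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{ab340860-fd81-4a65-b345-82eb77a66b5e}"=-

[-HKEY_CLASSES_ROOT\CLSID\{ab340860-fd81-4a65-b345-82eb77a66b5e}]
"""

# Sample input: six lines taken from the follow-up OTL log in this thread.
FOLLOWUP_LOG = r"""
Computer Name: ACERMDS | User Name: kinder | NOT logged in as Administrator.
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOKUME~1\SCHLEI~1.PHY\LOKALE~1\Temp\krdpdre.sys -- (krdpdre)
DRV - [2007.06.28 07:42:42 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
O4 - HKLM..\Run: [nod32kui] C:\Programme\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [windows auto update]  File not found
O22 - SharedTaskScheduler: {ab340860-fd81-4a65-b345-82eb77a66b5e} - featherweed - C:\WINDOWS\system32\jbtazy.dll File not found
"""


def parse_reg_deletions(reg_text):
    """Return (key, value_name) pairs that a .reg file deletes.
    value_name is None when a whole key is removed with the [-KEY] form."""
    deletions, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[-") and line.endswith("]"):
            deletions.append((line[2:-1], None))
            key = None
        elif line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        else:
            m = re.fullmatch(r'"(.+)"\s*=\s*-', line)  # "name"=- deletes a value
            if m and key:
                deletions.append((key, m.group(1)))
    return deletions


def log_lines(log_text, prefix):
    """All OTL lines of one type, e.g. 'O4', 'O22', 'DRV'."""
    return [l for l in log_text.splitlines() if l.startswith(prefix + " - ")]


def value_still_listed(key, value, log_text):
    """True/False if the log covers this key, None if it cannot be verified."""
    if value is None:
        return None  # whole-key deletions are not mapped to an OTL section here
    for suffix, prefix in OTL_PREFIX.items():
        if key.lower().endswith(suffix):
            return any(value.lower() in l.lower() for l in log_lines(log_text, prefix))
    return None


def service_still_listed(name, log_text):
    """OTL ends each SRV/DRV line with the service name in parentheses."""
    pat = re.compile(r"--\s*\(" + re.escape(name) + r"\)\s*$", re.IGNORECASE)
    return any(pat.search(l) is not None
               for p in ("DRV", "SRV") for l in log_lines(log_text, p))


def log_reports_non_admin(log_text):
    """The OTL header states when the scan ran without administrator rights;
    HKLM writes and 'sc delete' both need those rights."""
    return "NOT logged in as Administrator" in log_text


def verify_fix(reg_text, services, log_text):
    """Map every requested deletion to True (still listed), False (gone)
    or None (not verifiable from this log)."""
    report = {}
    for key, value in parse_reg_deletions(reg_text):
        label = f"{key}\\{value}" if value else key
        report[label] = value_still_listed(key, value, log_text)
    for name in services:
        report["service:" + name] = service_still_listed(name, log_text)
    return report


if __name__ == "__main__":
    for target, status in verify_fix(REGFIX, ["krdpdre"], FOLLOWUP_LOG).items():
        print(f"{status!s:5}  {target}")
    print("scan ran without admin rights:", log_reports_non_admin(FOLLOWUP_LOG))
```
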

mersch2332 17.01.2013 17:54

The following is in OTL.exe:
OTL Logfile:
Code:

OTL logfile created on: 17.01.2013 19:57:21 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\kinder\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,98 Mb Total Physical Memory | 185,96 Mb Available Physical Memory | 36,39% Memory free
1,22 Gb Paging File | 0,90 Gb Available in Paging File | 73,90% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,70 Gb Total Space | 26,25 Gb Free Space | 38,22% Space Free | Partition Type: FAT32
Drive D: | 24,41 Gb Total Space | 15,73 Gb Free Space | 64,43% Space Free | Partition Type: FAT32
Drive F: | 1,86 Gb Total Space | 1,68 Gb Free Space | 90,46% Space Free | Partition Type: FAT
 
Computer Name: ACERMDS | User Name: kinder | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.07 17:34:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\kinder\Desktop\OTL.exe
PRC - [2007.06.28 07:42:40 | 000,949,376 | ---- | M] (Eset ) -- C:\Programme\ESET\nod32kui.exe
PRC - [2006.06.22 20:28:46 | 002,334,720 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.exe
PRC - [2006.06.22 09:34:14 | 002,478,080 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 2.0\program\soffice.bin
PRC - [2005.09.23 23:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2005.04.21 15:11:18 | 000,328,704 | ---- | M] (SlySoft, Inc.) -- C:\Programme\SlySoft\AnyDVD\AnyDVD.exe
PRC - [2004.08.11 13:22:52 | 000,065,588 | ---- | M] (SafeNet) -- C:\Programme\Juniper\NetScreen-Remote\SafeCfg.exe
PRC - [2004.08.04 00:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.10.07 06:44:12 | 000,561,152 | ---- | M] (Nokia Mobile Phones Ltd.) -- C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe
PRC - [2003.09.25 12:41:18 | 000,102,400 | ---- | M] (Nokia Corp.) -- C:\Programme\Gemeinsame Dateien\Nokia\Services\ServiceLayer.exe
PRC - [2003.09.03 11:36:00 | 000,253,952 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\CPLBY31.EXE
PRC - [2003.08.05 13:59:54 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2003.05.16 17:09:34 | 000,509,952 | ---- | M] (Acer) -- C:\Programme\Acer\Notebook Manager\almxptray.exe
PRC - [2003.05.15 01:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
PRC - [2003.04.24 16:51:36 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003.03.11 13:08:52 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
PRC - [2003.02.10 14:30:10 | 000,425,984 | ---- | M] (Nokia) -- C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe
PRC - [2003.01.09 00:05:12 | 000,073,728 | ---- | M] (MyComp) -- C:\Programme\CRW\shwicon.exe
PRC - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe
PRC - [2002.06.21 15:55:56 | 000,208,896 | ---- | M] (The Webshots Corporation) -- C:\Programme\Webshots\WebshotsTray.exe
PRC - [2002.06.03 11:38:12 | 000,049,152 | ---- | M] (ScanSoft, Inc) -- C:\Programme\ScanSoft\OmniPageSE\opware32.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2007.06.28 07:42:42 | 000,105,528 | ---- | M] () -- C:\Programme\ESET\nod32rui.dll
MOD - [2007.06.28 07:42:42 | 000,060,472 | ---- | M] () -- C:\Programme\ESET\pr_emon.dll
MOD - [2007.06.28 07:42:42 | 000,052,280 | ---- | M] () -- C:\Programme\ESET\pr_upd.dll
MOD - [2007.06.28 07:42:42 | 000,052,280 | ---- | M] () -- C:\Programme\ESET\pr_imon.dll
MOD - [2007.06.28 07:42:42 | 000,019,512 | ---- | M] () -- C:\Programme\ESET\pr_dmon.dll
MOD - [2006.05.13 05:36:58 | 000,828,416 | ---- | M] () -- C:\Programme\OpenOffice.org 2.0\program\libxml2.dll
MOD - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe
MOD - [1999.05.25 17:45:36 | 000,073,728 | ---- | M] () -- C:\Programme\WinRAR\rarext.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Unknown] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2007.06.28 07:42:40 | 000,552,064 | ---- | M] (Eset ) [Auto | Unknown] -- C:\Programme\ESET\nod32krn.exe -- (NOD32krn)
SRV - [2007.04.20 11:22:22 | 000,079,324 | ---- | M] (PostgreSQL Global Development Group) [Auto | Unknown] -- C:\Programme\WeatherProfessional\database\bin\pg_ctl.exe -- (pgsql-8.2)
SRV - [2006.10.17 11:47:16 | 000,230,944 | ---- | M] (Acronis) [Auto | Unknown] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005.03.17 11:40:48 | 000,118,784 | ---- | M] (Bytemobile, Inc.) [Auto | Unknown] -- C:\WINDOWS\system32\bmwebcfg.exe -- (bmwebcfg)
SRV - [2004.08.11 13:22:46 | 000,057,398 | ---- | M] (SafeNet) [Auto | Unknown] -- C:\Programme\Juniper\NetScreen-Remote\IPSecMon.exe -- (IPSECMON)
SRV - [2004.08.11 13:22:44 | 000,319,538 | ---- | M] (SafeNet) [Auto | Unknown] -- C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe -- (IreIKE)
SRV - [2004.08.04 00:57:40 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
SRV - [2002.08.01 11:22:40 | 000,065,536 | ---- | M] (HP) [On_Demand | Unknown] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\vsdatant.sys -- (vsdatant)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] --  -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOKUME~1\SCHLEI~1.PHY\LOKALE~1\Temp\krdpdre.sys -- (krdpdre)
DRV - File not found [Kernel | System | Unknown] --  -- (i2omgmt)
DRV - File not found [Kernel | Boot | Unknown] -- System32\DRIVERS\ElbyVCD.sys -- (ElbyVCD)
DRV - File not found [Kernel | System | Unknown] --  -- (Changer)
DRV - [2007.06.28 07:42:42 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2007.06.28 07:42:40 | 000,015,424 | ---- | M] () [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2007.05.18 20:37:00 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06)
DRV - [2007.02.23 04:29:02 | 000,028,160 | ---- | M] (F5 Networks) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\urvpndrv.sys -- (urvpndrv)
DRV - [2006.11.10 11:15:44 | 000,395,744 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2006.11.10 11:15:44 | 000,039,264 | ---- | M] (Acronis) [File_System | Auto | Unknown] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2006.11.10 11:15:38 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2006.08.16 10:37:30 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2006.05.18 08:48:50 | 000,047,249 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2005.12.15 08:41:22 | 000,010,256 | ---- | M] (F5 Networks) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2005.11.06 14:17:10 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2005.06.29 18:21:24 | 000,019,328 | R--- | M] (WideView Technology Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\DTV_Loader_2X1.sys -- (DTV_Loader_2X1)
DRV - [2005.04.21 15:06:06 | 000,019,328 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2004.10.07 15:37:16 | 000,185,344 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\RTL8180.sys -- (rtl8180)
DRV - [2004.09.06 21:40:04 | 000,018,432 | R--- | M] (Computer & Entertainment, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\DTV_Capture_2X0.sys -- (DTV_Capture_2X0)
DRV - [2004.08.11 12:01:40 | 000,119,864 | ---- | M] (SafeNet) [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\IpSecDrv.sys -- (IPSECDRV)
DRV - [2004.08.04 00:57:40 | 000,089,088 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
DRV - [2004.08.04 00:38:58 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.03 23:07:46 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004.07.30 13:20:58 | 000,521,786 | ---- | M] (SafeNet) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\Crypto.sys -- (Crypto)
DRV - [2003.11.19 15:41:18 | 001,205,292 | ---- | M] (Agere Systems) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.11.18 12:01:34 | 000,062,673 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2003.09.05 14:35:02 | 000,139,604 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2003.08.07 22:15:06 | 000,404,608 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.08.05 14:51:10 | 000,460,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003.07.10 12:17:18 | 000,006,431 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\acernbm.sys -- (acernbm)
DRV - [2003.07.01 01:53:00 | 000,013,174 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\atisgkaf.SYS -- (caboagp)
DRV - [2003.06.19 14:41:00 | 000,064,512 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)
DRV - [2003.06.03 15:18:58 | 000,039,996 | ---- | M] (SMC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2003.04.09 04:24:40 | 000,051,208 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2003.03.12 09:34:00 | 000,030,171 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2003.02.21 11:26:54 | 000,144,480 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2003.02.21 11:25:16 | 000,022,119 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2003.02.21 11:24:56 | 000,222,164 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2003.02.21 11:23:14 | 001,149,978 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2001.12.14 16:26:06 | 000,036,188 | ---- | M] (Deterministic Networks Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\vap.sys -- (DniVap)
DRV - [2001.08.17 14:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [1997.12.23 03:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://global.acer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/Acrobat,version=5.1: C:\Programme\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.04.13 09:45:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.04.13 09:45:24 | 000,000,000 | ---D | M]
 
[2008.01.13 18:44:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\Mozilla\Firefox\Profiles\5wytbwa7.default\extensions
[2006.04.13 09:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2007.02.25 13:25:32 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Programme\Mozilla Firefox\extensions\inspector@mozilla.org
[2007.08.09 10:41:52 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2007.02.25 13:25:32 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2007.08.02 08:14:58 | 000,066,408 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jar50.dll
[2007.08.02 08:14:58 | 000,054,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\jsd3250.dll
[2007.08.02 08:15:00 | 000,034,688 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\myspell.dll
[2007.08.02 08:15:00 | 000,046,456 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\spellchk.dll
[2007.08.02 08:15:00 | 000,171,880 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\xpinstal.dll
[2007.02.22 19:19:00 | 000,165,248 | ---- | M] (F5 Networks) -- C:\Programme\mozilla firefox\plugins\NPuroamHost.dll
[2006.08.24 22:07:50 | 000,001,525 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2006.08.24 22:07:50 | 000,001,063 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2006.11.10 12:42:00 | 000,000,998 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.10 23:32:04 | 000,000,815 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2007.09.02 14:53:04 | 000,000,897 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 10.20.240.11        sql_mu
O1 - Hosts: 10.20.240.11        msgs110i.physical.de
O1 - Hosts: 10.20.50.100        SMB_PRI1
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [AcerNotebookManager] C:\Programme\Acer\Notebook Manager\almxptray.exe (Acer)
O4 - HKLM..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [DataLayer] C:\Programme\Nokia\Nokia PC Suite 5\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe (HP)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\CPLBY31.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [nod32kui] C:\Programme\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [Nokia Tray Application] C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe (Nokia)
O4 - HKLM..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [ShowIcon_Chander_CRW Series Driver v1.17r019] C:\Programme\CRW\shwicon.exe -t"Chander\CRW Series Driver v1.17r019" File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [windows auto update]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NetScreen-Remote.lnk = C:\Programme\Juniper\NetScreen-Remote\SafeCfg.exe (SafeNet)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\p6_19_erinnerung.lnk = C:\Programme\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\kinder\Startmenü\Programme\Autostart\OpenOffice.org 2.0.lnk = C:\Programme\OpenOffice.org 2.0\program\quickstart.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\kinder\Startmenü\Programme\Autostart\Webshots.lnk = C:\Programme\Webshots\WebshotsTray.exe (The Webshots Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\imon.dll (Eset )
O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://vpn.msg.de/vdesk/terminal/urxvpn.cab#version=6010,2007,0223,0327 (F5 Networks VPN Manager)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab (Reg Error: Key error.)
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} hxxp://www.webshots.com/samplers/WSDownloader.ocx (WSDownloader Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139402952203 (WUWebControl Class)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://vpn.msg.de/vdesk/terminal/urTermProxy.cab#version=6010,2007,0223,0314 (F5 Networks SSLTunnel)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37917.4102893519 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://vpn.msg.de/vdesk/terminal/urxshost.cab#version=6010,2007,0223,0320 (F5 Networks SuperHost Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://vpn.msg.de/vdesk/terminal/urxhost.cab#version=6010,2007,0223,0312 (F5 Networks Host Control)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = physical.de
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ckpNotify: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O22 - SharedTaskScheduler: {ab340860-fd81-4a65-b345-82eb77a66b5e} - featherweed - C:\WINDOWS\system32\jbtazy.dll File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\kinder\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\kinder\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.17 19:57:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\kinder\Desktop\OTL.exe
[2013.01.10 20:54:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.01.06 17:33:48 | 000,000,000 | -HSD | C] -- C:\FOUND.012
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.17 19:51:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.17 19:51:48 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.17 19:48:40 | 000,000,340 | ---- | M] () -- C:\Dokumente und Einstellungen\kinder\Eigene Dateien\regfix.reg
[2013.01.17 18:59:10 | 004,410,054 | ---- | M] () -- C:\WINDOWS\WebshotsForKinder.bmp
[2013.01.17 18:53:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.07 20:11:42 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\kinder\defogger_reenable
[2013.01.07 17:34:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\kinder\Desktop\OTL.exe
 
========== Files Created - No Company Name ==========
 
[2013.01.17 19:48:39 | 000,000,340 | ---- | C] () -- C:\Dokumente und Einstellungen\kinder\Eigene Dateien\regfix.reg
[2013.01.10 20:59:39 | 535,875,584 | -HS- | C] () -- C:\hiberfil.sys
[2013.01.07 20:11:40 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\kinder\defogger_reenable
[2006.02.09 14:39:27 | 000,002,412 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2005.05.26 03:17:16 | 000,110,657 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\UninstallDrv.exe
 
========== ZeroAccess Check ==========
 
[2005.10.30 21:46:46 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2006.10.23 16:18:00 | 001,494,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2004.08.04 00:57:20 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2004.08.04 00:57:38 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2006.01.30 11:31:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanAppDataDir
[2006.01.30 11:31:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanWizard
[2006.10.02 17:10:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2006.11.10 11:19:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2007.12.16 22:15:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{62727C56-8352-4A6D-B7C7-D26378124ED0}
[2003.09.18 12:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\InterTrust
[2008.01.31 18:08:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\Diercke Globus
[2009.01.30 19:26:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\Wildlife Park 2
[2009.09.03 14:23:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\ProtectDisc
[2010.02.25 18:45:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\kinder\Anwendungsdaten\ScanSoft
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---


This is in Extras.exe:
OTL Logfile:
Code:

OTL Extras logfile created on: 17.01.2013 19:57:21 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Dokumente und Einstellungen\kinder\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
510,98 Mb Total Physical Memory | 185,96 Mb Available Physical Memory | 36,39% Memory free
1,22 Gb Paging File | 0,90 Gb Available in Paging File | 73,90% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 68,70 Gb Total Space | 26,25 Gb Free Space | 38,22% Space Free | Partition Type: FAT32
Drive D: | 24,41 Gb Total Space | 15,73 Gb Free Space | 64,43% Space Free | Partition Type: FAT32
Drive F: | 1,86 Gb Total Space | 1,68 Gb Free Space | 90,46% Space Free | Partition Type: FAT
 
Computer Name: ACERMDS | User Name: kinder | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"5432:TCP" = 5432:TCP:*:Enabled:WeatherProfessional
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5432:TCP" = 5432:TCP:*:Enabled:WeatherProfessional
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe" = C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe" = C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe" = C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\Vpn.exe" = C:\Programme\Juniper\NetScreen-Remote\Vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager -- (SafeNet)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" = C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE:*:Enabled:Connection Manager -- (Microsoft Corporation)
"C:\Spiele\Need For Speed6\NFSHP2.EXE" = C:\Spiele\Need For Speed6\NFSHP2.EXE:*:Enabled:NFSHP2 -- ()
"C:\Programme\Microsoft ActiveSync\WCESMGR.EXE" = C:\Programme\Microsoft ActiveSync\WCESMGR.EXE:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\totalcmd\TOTALCMD.EXE" = C:\Programme\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Programme\Internet Explorer\IEXPLORE.EXE" = C:\Programme\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Programme\mybooxx\Fotobuch\mybooxx.exe" = C:\Programme\mybooxx\Fotobuch\mybooxx.exe:*:mybooxx.exe -- ()
"C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe" = C:\Programme\Juniper\NetScreen-Remote\IreIKE.exe:*:Enabled:IreIke -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe" = C:\Programme\Juniper\NetScreen-Remote\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe" = C:\Programme\Juniper\NetScreen-Remote\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp -- (SafeNet)
"C:\Programme\Juniper\NetScreen-Remote\Vpn.exe" = C:\Programme\Juniper\NetScreen-Remote\Vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager -- (SafeNet)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{0049F6AE-4FE2-4C43-A039-60FCE98A1986}" = Opera 9.01
"{03C1AFCE-94E5-475B-8BA3-607C4B6F4670}" = FW CURE
"{03F1CC67-5BD8-4C36-8394-76311B2AE69A}" = ArcSoft PhotoStudio 5
"{053A7E07-3D44-4CDB-B79C-EE8755BFD7D6}" = Class_50_Content_Update
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0F51A262-1ADF-4914-B448-78AC58C4178A}" = WIDCOMM Bluetooth Software
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CE59656-4104-44AA-00BF-D2546C7EA497}" = Tiger Woods PGA TOUR 06
"{1F701DBD-1660-4108-B10A-FB435EA63BF0}" = PostgreSQL 8.2
"{2F931B84-0CEE-11D1-AA7D-0080AD1AC47A}" = NetScreen-Remote
"{31671B31-682F-499E-00B9-7AD7D33C9E4F}" = Need For Speed Hot Pursuit 2
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{33D6723B-DE6B-4E86-A6BC-CD1F3E42DD26}" = OpenOffice.org 2.0
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39AE0413-CEFC-4559-AC5F-855A1C006D2F}" = CRW Series Driver v1.17r019
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{471A9640-39F8-11D5-A07F-005004F915E3}" = Microsoft Games Pocket Pak for Pocket PC
"{5B23E5AD-23E2-45C8-A24C-97D3A23FB6EE}" = Carcassonne
"{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = Drive Image
"{6249C22D-E6A8-407B-BA8B-40298848ED94}" = OmniPage SE
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{65D70656-D248-4C83-B594-E3029C43B37A}" = phase6_19
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6991C042-73DB-11D6-A2F9-00105AF81F08}" = Der kleine Professor
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{77EDEF61-D63C-4441-9BEC-1874CE56FF6E}" = WeatherProfessional
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7FB70A9B-6591-42EB-BD84-6F9C55368E06}" = LEGO Creator Harry Potter
"{8AC3A65A-03B0-428A-A216-075687AA0F3F}" = Carcassonne Add-On
"{8C2FA1ED-8248-42DF-A78A-48D40133129E}" = Acer Notebook Manager
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8CDC6712-AF80-459E-911F-F1E156CB0AB0}" = hp deskjet 5600
"{911A0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Outlook 2002
"{9D53CC39-7680-40D9-BC31-80AEC9B18C74}" = Nokia PC Suite 5.62
"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional
"{AC76BA86-7AD7-1031-7B44-A70500000002}" = Adobe Reader 7.0.5 - Deutsch
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{C186B723-E9E3-4AB1-BC5F-DD8A0FC8DD34}" = NAVIGON MobileNavigator|4
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD &  DVD-Maker
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE65A3B9-08C3-4A2F-B2CB-8EAC3F17F440}" = ATI-Treiber
"{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = Die Sims™ 2 Party-Accessoires
"{EAF5E394-BC2B-42D3-9A94-E0AD66851922}" = Vodafone Mobile Connect
"{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503
"{F455665A-A82D-485F-9E1E-7D6CDCEC338E}" = Wireless Manager
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"3D Traumhaus Designer 7 Pro_is1" = DATA BECKER 3D Traumhaus Designer 7 Pro
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2006
"Ad-Aware SE Professional" = Ad-Aware SE Professional
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AmoK DateWizard" = AmoK DateWizard 1.1b
"AnyDVD" = AnyDVD
"ATI Display Driver" = ATI Display Driver
"AutoSketch v6.0" = AutoSketch v6.0
"Diercke Globus" = Diercke Globus
"DTV_1.0" = DVB-T USB 2.0
"Eisenbahn.exe Professional 4.0" = Eisenbahn.exe Professional 4.0
"FileSync" = FileSync
"FlowFact" = FlowFact
"FTDICOMM" = USB Serial Converter Drivers
"German Railroads - DB 232" = German Railroads - DB 232
"German Railroads - Vol 1 - Biggetal" = German Railroads - Vol 1 - Biggetal
"German Railroads - Vol 2 - Rollbahn" = German Railroads - Vol 2 - Rollbahn
"GSpot" = GSpot Codec Information Appliance
"hp LaserJet 2300 Uninstaller" = hp LaserJet 2300-Deinstallationsprogramm
"hp print screen utility" = hp print screen utility
"Indeo® Software" = Indeo® Software
"InstallShield_{5F71EB81-C72E-4B28-8D90-FDEECFEBC2DE}" = PowerQuest Drive Image 2002
"InstallShield_{9D53CC39-7680-40D9-BC31-80AEC9B18C74}" = Nokia PC Suite 5.62
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker 6.5 Gold
"InterActual Player" = InterActual Player
"iPhoto Plus 4" = iPhoto Plus 4
"KONICA MINOLTA magicolor 5430DL" = KONICA MINOLTA magicolor 5430DL
"LManager" = Launch Manager
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (2.0.0.6)" = Mozilla Firefox (2.0.0.6)
"mybooxx_is1" = mybooxx
"NASA World Wind 1.3" = NASA World Wind 1.3
"Network Print Monitor" = Network Print Monitor for Windows 2000/XP/2003
"NOD32" = NOD32 Antivirus System
"ODBC" = ODBC
"Organizer V97.1" = Lotus Organizer 97 GS
"PocketPlus" = PocketPlus
"PocketPlus_German" = PocketPlus_German
"PowerDVD" = PowerDVD
"ProTrain 3.1 3.1" = ProTrain 3.1 3.1
"ProTrain Rheintal 1.0" = ProTrain Rheintal 1.0
"ProTrain Tauernbahn 1.0" = ProTrain Tauernbahn 1.0
"Public Messenger ver 2.03" = Public Messenger ver 2.03
"QuickTime" = QuickTime
"Schiffsim" = Schiffsim 2006
"ShipSim2008" = Schiff-Simulator 2008
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ThumbsPlus2000" = ThumbsPlus 2000-R
"Totalcmd" = Total Commander (Remove or Repair)
"Train Simulator 1.0" = Microsoft Train Simulator
"TravelMate540screen" = TravelMate540screen
"TreeSize Professional 2.4" = TreeSize Professional 2.4
"WeatherProfessional" = WeatherProfessional
"WEBPlotterX" = WEBPlotter ActiveX
"Webshots" = Webshots!
"Windows CE Services" = Microsoft ActiveSync 3.7
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinPhlash" = WinPhlash
"WinRAR archiver" = WinRAR Archivierer
"ZoomPlayer" = Zoom Player (remove only)
 
========== Last 20 Event Log Errors ==========
 
Error: Unable to start EventLog service!
 
< End of report >

--- --- ---

M-K-D-B 17.01.2013 19:54

Hi,


this won't work without administrator rights.


Can you get hold of the password?

mersch2332 18.01.2013 19:07

I'll have to ask.... We'll see. Is that really so important??

What exactly do we still have to do there??

M-K-D-B 19.01.2013 15:55

Hi,


Quote:

Quote from mersch2332 (post 993691)
I'll have to ask.... We'll see. Is that really so important??

What exactly do we still have to do there??

Without administrator rights we cannot run certain tools and therefore cannot remove the malware completely.

Either you get the password within the next 3 days, or I suggest you reinstall your computer from scratch.

