System Care Antivirus bei Windows XP

MichaH · 15.05.2013, 21:48

Hallo liebes Forum
Wie die Überschrift schon sagt,hat da etwas meinen Rechner gekarpert.
Besonders blöd für mich,weil ich keine Ahnung von PCs habe,
sie aber gerne benutze.
Gemäß einer früheren Anleitung habe ich OTL,im abgesicherten Modus
scannen lassen und die Logs gespeichert.
Wäre schön,wenn mal jemand einen Blick drauf werfen und mich
anleiten könnte,den Mist wieder loszuwerden.
Danke
Micha

OTL.txt:

OTL logfile created on: 15.05.2013 22:15:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\B_T\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 87,12% Memory free
3,85 Gb Paging File | 3,78 Gb Available in Paging File | 98,16% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Programme
Drive C: | 36,91 Gb Total Space | 7,14 Gb Free Space | 19,35% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 58,33 Gb Free Space | 99,56% Space Free | Partition Type: NTFS
Drive E: | 19,53 Gb Total Space | 19,46 Gb Free Space | 99,60% Space Free | Partition Type: NTFS
Drive F: | 74,51 Gb Total Space | 32,47 Gb Free Space | 43,58% Space Free | Partition Type: FAT32

Computer Name: BT | User Name: B_T | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.05.15 21:33:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\B_T\Desktop\OTL.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.04.13 13:28:57 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.29 20:41:59 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.04.20 07:59:04 | 000,092,592 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011.06.28 17:09:44 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.30 15:30:36 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.04.21 13:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\hasplms.exe -- (hasplms)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [File_System | On_Demand | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NETFWDSL.SYS -- (NETFWDSL)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\Eigene Programme\mpeg4 converter\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011.06.28 17:09:44 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 17:09:44 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.14 02:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.07.09 14:18:56 | 000,587,776 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2009.06.22 11:06:32 | 000,016,384 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2009.05.11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.13 12:55:26 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2009.01.16 12:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 20:40:30 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.07.23 16:12:44 | 000,046,336 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\akshhl.sys -- (akshhl)
DRV - [2006.05.03 18:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.04.30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\a347bus.sys -- (a347bus)
DRV - [2004.04.30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\a347scsi.sys -- (a347scsi)
DRV - [2003.06.27 02:00:00 | 000,665,600 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fdssbase.sys -- (FDSSBASE)
DRV - [2003.06.27 02:00:00 | 000,039,552 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avmdsloe.sys -- (AVMDSLPPPOE)
DRV - [2003.06.27 02:00:00 | 000,038,992 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avmndsl.sys -- (AVMNDSL)
DRV - [2002.10.31 05:58:42 | 000,030,848 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002.07.10 17:39:34 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001.12.07 04:11:42 | 000,003,583 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SiSport.sys -- (SiSPort)
DRV - [2001.10.24 15:49:16 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
DRV - [2001.08.17 15:02:56 | 000,003,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWUSBFLT.SYS -- (SWUSBFLT)
DRV - [2001.08.17 15:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
DRV - [2001.08.17 13:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371)
DRV - [2001.08.17 12:12:40 | 000,019,017 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8029.sys -- (rtl8029)
DRV - [2001.08.10 08:00:00 | 000,003,252 | ---- | M] () [Kernel | System | Stopped] -- C:\windows\System32\drivers\PQNTDRV.SYS -- (PQNTDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0C5B2405-FE4E-4EE1-82DB-5E3378F1A8AF}: "URL" = hxxp://go.1und1.de/suchbox/google?q={searchTerms}
IE - HKLM\..\SearchScopes\{4BFA6697-1659-4896-93D5-8BEBB1F7F5AE}: "URL" = hxxp://go.web.de/suchbox/amazon?field-keywords={searchTerms}
IE - HKLM\..\SearchScopes\{F1B92CC2-DA00-413F-90A7-A52B1A8F7DE5}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Mein Versatel
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Delta Search
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes,DefaultScope = {8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&tt=190313_wctrl&babsrc=SP_ss&mntrId=7006000B6A16C0C0
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{37E67706-4596-45F5-8C8D-950AFF3D3B76}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{3CC0C37D-1409-4B4E-9E49-C0F7C48E6762}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{43B8D344-A8AB-447F-9B8E-DE1985314F20}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms}
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{63057227-D4AC-48D2-87C4-70A630C50552}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = hxxp://www.searchqu.com/web?src=ieb&q={SearchTerms}
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{8D5958AF-8012-436F-898C-86D9E814A4EC}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2
IE - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.13 13:28:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins

[2012.05.13 21:30:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\Mozilla\Extensions
[2012.05.13 21:30:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2013.04.18 23:07:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\Mozilla\Firefox\Profiles\3qyllwj4.default\extensions
[2013.04.05 23:24:47 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\Mozilla\Firefox\Profiles\3qyllwj4.default\extensions\ich@maltegoetz.de
[2013.04.18 23:07:14 | 000,408,852 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\Mozilla\Firefox\Profiles\3qyllwj4.default\extensions\jid0-w1UVmoLd6VGudaIERuRJCPQx1dQ@jetpack.xpi
[2013.03.30 18:16:27 | 000,006,510 | ---- | M] () -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\Mozilla\Firefox\Profiles\3qyllwj4.default\searchplugins\BrowserProtect.xml
[2013.03.30 18:16:47 | 000,001,294 | ---- | M] () -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\Mozilla\Firefox\Profiles\3qyllwj4.default\searchplugins\delta.xml
[2013.04.13 13:28:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.04.13 13:28:57 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.02.08 19:36:16 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.30 18:16:27 | 000,006,510 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.08.31 19:52:42 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.08 19:36:16 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.08 19:36:16 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.08 19:36:16 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.08 19:36:16 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: Google

O1 HOSTS File: ([2001.08.23 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\WINDOWS\system32\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Programme\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HTpatch] C:\WINDOWS\htpatch.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003..\Run: [TomTomHOME.exe] C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003..\RunOnce: [7009713AC647AA2D000070090133AC14] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7009713AC647AA2D000070090133AC14\7009713AC647AA2D000070090133AC14.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ereigniserinnerung.lnk = C:\Programme\Broderbund\PrintMaster\PMREMIND.EXE (The Learning Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1682526488-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{561b1c80-f25a-11df-9d52-000b6a16c0c0}\Shell - "" = AutoRun
O33 - MountPoints2\{561b1c80-f25a-11df-9d52-000b6a16c0c0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{561b1c80-f25a-11df-9d52-000b6a16c0c0}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.05.15 22:13:07 | 000,000,000 | ---D | C] -- C:\windows\CSC
[2013.05.15 22:08:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\B_T\Desktop\OTL.exe
[2013.05.14 20:33:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\B_T\Startmenü\Programme\System Care Antivirus
[2013.05.14 17:52:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7009713AC647AA2D000070090133AC14
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[13 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\B_T\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\B_T\Eigene Dateien\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.05.15 22:13:50 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2013.05.15 22:13:03 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2013.05.15 22:07:00 | 000,000,414 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{E26D0320-2172-4818-98C3-ED99B959E044}.job
[2013.05.15 21:44:00 | 000,001,090 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.15 21:33:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\B_T\Desktop\OTL.exe
[2013.05.15 20:31:14 | 000,001,086 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.14 20:33:59 | 000,002,392 | ---- | M] () -- C:\Dokumente und Einstellungen\B_T\Desktop\System Care Antivirus.lnk
[2013.05.13 17:55:58 | 000,000,049 | ---- | M] () -- C:\windows\NeroDigital.ini
[2013.05.04 21:24:49 | 000,002,477 | ---- | M] () -- C:\Dokumente und Einstellungen\B_T\Desktop\Microsoft Word.lnk
[2013.05.04 08:33:07 | 2145,386,496 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013.04.29 09:54:50 | 000,039,424 | ---- | M] () -- C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[13 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\B_T\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\B_T\Eigene Dateien\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.05.14 17:59:28 | 000,002,392 | ---- | C] () -- C:\Dokumente und Einstellungen\B_T\Desktop\System Care Antivirus.lnk
[2012.12.29 13:00:34 | 000,000,031 | ---- | C] () -- C:\windows\wwwbatch.ini
[2012.12.29 13:00:33 | 000,045,056 | ---- | C] () -- C:\windows\wsutil.exe
[2012.12.29 12:56:07 | 000,172,032 | ---- | C] () -- C:\windows\WsBtn.dll
[2012.11.07 22:53:26 | 000,000,113 | ---- | C] () -- C:\windows\Inetreg.ini
[2012.11.04 18:46:25 | 000,032,768 | ---- | C] () -- C:\windows\SIS_LIB.DLL
[2012.11.04 18:46:24 | 000,028,672 | R--- | C] () -- C:\windows\htpatch.exe
[2012.11.04 18:46:24 | 000,003,072 | R--- | C] () -- C:\windows\winio.sys
[2012.11.04 18:45:29 | 000,001,930 | ---- | C] () -- C:\windows\Ascd_tmp.ini
[2012.11.04 18:45:27 | 000,005,824 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
[2012.10.07 21:25:54 | 000,000,105 | ---- | C] () -- C:\windows\mapiuid.ini
[2012.09.23 18:18:38 | 000,160,640 | ---- | C] ( ) -- C:\windows\System32\drivers\a347bus.sys
[2012.09.23 18:18:38 | 000,005,248 | ---- | C] ( ) -- C:\windows\System32\drivers\a347scsi.sys
[2012.09.23 18:16:54 | 004,289,024 | ---- | C] () -- C:\Programme\trial_setup.msi
[2012.09.23 18:16:54 | 000,040,448 | ---- | C] () -- C:\Programme\trial_setup.exe
[2012.09.23 18:16:54 | 000,000,777 | ---- | C] () -- C:\Programme\trial_setup.ini
[2012.02.25 21:45:00 | 000,284,160 | ---- | C] () -- C:\windows\unin0407.exe
[2012.02.18 18:21:33 | 000,000,049 | ---- | C] () -- C:\windows\NeroDigital.ini
[2012.02.18 13:41:29 | 000,000,021 | ---- | C] () -- C:\windows\CS_setup.ini
[2012.02.16 00:04:50 | 000,000,425 | ---- | C] () -- C:\windows\BRWMARK.INI
[2012.02.16 00:04:50 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
[2012.02.16 00:03:52 | 000,000,208 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2012.02.16 00:03:52 | 000,000,093 | ---- | C] () -- C:\windows\brpcfx.ini
[2012.02.16 00:03:52 | 000,000,050 | ---- | C] () -- C:\windows\System32\bridf07a.dat
[2012.02.16 00:02:37 | 000,106,496 | ---- | C] () -- C:\windows\System32\BrMuSNMP.dll
[2012.02.16 00:02:33 | 000,000,000 | ---- | C] () -- C:\windows\brdfxspd.dat
[2012.02.15 23:59:47 | 000,031,664 | ---- | C] () -- C:\windows\maxlink.ini
[2012.02.15 21:48:39 | 000,520,192 | ---- | C] () -- C:\windows\System32\ati2sgag.exe
[2011.06.02 12:09:14 | 000,001,324 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2009.10.25 10:44:54 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\$_hpcst$.hpc
[2009.09.14 14:48:09 | 000,036,177 | ---- | C] () -- C:\Dokumente und Einstellungen\B_T\Startmenü.zip
[2009.09.14 14:46:39 | 000,008,306 | ---- | C] () -- C:\Dokumente und Einstellungen\B_T\Startmenü.7z
[2009.08.30 08:51:21 | 000,000,129 | ---- | C] () -- C:\Dokumente und Einstellungen\B_T\Anwendungsdaten\AVSDVDPlayer.m3u
[2009.08.21 11:49:23 | 000,005,051 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\xqkcebzs.dik
[2009.03.08 22:05:53 | 000,039,424 | ---- | C] () -- C:\Dokumente und Einstellungen\B_T\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010.05.21 22:35:38 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Extras.txt:

OTL Extras logfile created on: 15.05.2013 22:15:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\B_T\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 87,12% Memory free
3,85 Gb Paging File | 3,78 Gb Available in Paging File | 98,16% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Programme
Drive C: | 36,91 Gb Total Space | 7,14 Gb Free Space | 19,35% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 58,33 Gb Free Space | 99,56% Space Free | Partition Type: NTFS
Drive E: | 19,53 Gb Total Space | 19,46 Gb Free Space | 99,60% Space Free | Partition Type: NTFS
Drive F: | 74,51 Gb Total Space | 32,47 Gb Free Space | 43,58% Space Free | Partition Type: FAT32

Computer Name: BT | User Name: B_T | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1409082233-1682526488-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Software\Programme\vlc Plkayer\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Software\Programme\vlc Plkayer\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Programme\Internet Explorer\iexplore.exe" = C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server
"C:\WINDOWS\system32\hasplms.exe" = C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP LLM -- (Aladdin Knowledge Systems Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26881D3C-F2A7-4BD4-80DF-D7B35AD01B69}" = DigitizerJr
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4677AAF8-8D7A-4EE2-BCE4-0068BB052353}" = ArcSoft Camera Suite
"{46833C09-65B5-4C22-9013-9F89391AF90C}_is1" = TOPP Vorlagen-Druckstudio (3608)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E154237-38E0-4013-8672-3B1CD1A41EC7}" = MC350E Update Tool
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E39C74DF-58FD-4E52-9888-2CC59DFB0B34}" = PowerQuest PartitionMagic Pro 7.0
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"C-Media Audio Driver" = C-Media WDM Audio Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"PrintMaster 8.0" = PrintMaster® Gold 8.0
"SBPCIUnInstall" = Creative PCI Audio Drivers
"Serif DrawPlus 3.0" = Serif DrawPlus 3.0
"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver
"Sound Blaster PCI128 Drivers Online Help" = Sound Blaster PCI128 Drivers Online Help
"TomTom HOME" = TomTom HOME 2.8.4.2596
"Versatel" = Versatel
"VLC media player" = VLC media player 1.1.11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR Archivierer

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 07.10.2012 11:22:39 | Computer Name = BT | Source = ESENT | ID = 490
Description = svchost (1172) Versuch, Datei "C:\windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error - 16.10.2012 14:12:15 | Computer Name = BT | Source = ESENT | ID = 490
Description = svchost (1152) Versuch, Datei "C:\windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error - 20.10.2012 07:52:55 | Computer Name = BT | Source = ESENT | ID = 490
Description = svchost (1152) Versuch, Datei "C:\windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error - 22.10.2012 13:53:05 | Computer Name = BT | Source = JavaQuickStarterService | ID = 1
Description =

Error - 07.11.2012 11:47:23 | Computer Name = BT | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung outlook.exe, Version 9.0.0.2416, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.

Error - 22.11.2012 09:39:34 | Computer Name = BT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 16.0.2.4680, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 29.11.2012 17:16:48 | Computer Name = BT | Source = ESENT | ID = 490
Description = svchost (1164) Versuch, Datei "C:\windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error - 05.12.2012 05:06:33 | Computer Name = BT | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.

Error - 07.12.2012 16:05:11 | Computer Name = BT | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.

Error - 07.12.2012 16:05:19 | Computer Name = BT | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.

[ System Events ]
Error - 15.05.2013 14:33:07 | Computer Name = BT | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 15.05.2013 14:33:07 | Computer Name = BT | Source = Service Control Manager | ID = 7034
Description = Dienst "HASP License Manager" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 15.05.2013 14:33:07 | Computer Name = BT | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira AntiVir Guard" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
durchgeführt: Starten Sie den Dienst neu..

Error - 15.05.2013 14:33:07 | Computer Name = BT | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.

Error - 15.05.2013 14:33:08 | Computer Name = BT | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Guard" wurde aufgrund folgenden Fehlers
nicht gestartet: %%109

Error - 15.05.2013 14:33:10 | Computer Name = BT | Source = DCOM | ID = 10010
Description = Der Server "{6295DF2D-35EE-11D1-8707-00C04FD93327}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error - 15.05.2013 14:44:00 | Computer Name = BT | Source = Service Control Manager | ID = 7034
Description = Dienst "Google Update Service (gupdate1c9bac279483c6e)" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.

Error - 15.05.2013 15:44:00 | Computer Name = BT | Source = Service Control Manager | ID = 7034
Description = Dienst "Google Update Service (gupdate1c9bac279483c6e)" wurde unerwartet
beendet. Dies ist bereits 2 Mal passiert.

Error - 15.05.2013 16:14:07 | Computer Name = BT | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 15.05.2013 16:14:45 | Computer Name = BT | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AmdK7 avgio avipbb Fips ssmdrv

< End of report >

System Care Antivirus bei Windows XP

Plagegeister aller Art und deren Bekämpfung: System Care Antivirus bei Windows XP

System Care Antivirus bei Windows XP

Ähnliche Themen: System Care Antivirus bei Windows XP