Quote:
Quote from cosinus
(Post 971489)
What use is such a dusty old version supposed to be? :balla:

I thought the old Norton version still gets the same updates as the newer ones.. isn't that so?
Okay, I'll get started on the next step then :)

"OTL.Txt"
Code:
OTL logfile created on: 12.12.2012 17:10:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,98 Mb Total Physical Memory | 537,41 Mb Available Physical Memory | 52,95% Memory free
1,64 Gb Paging File | 1,26 Gb Available in Paging File | 77,28% Paging File free
Paging file location(s): c:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,27 Gb Total Space | 21,89 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
Computer Name: KUNDE-5971BD14E | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Trademanager\AliIM.exe (Alibaba software (Shanghai) Corporation.)
PRC - C:\Programme\Trademanager\miser\AliimSafe.exe (阿里云计算有限公司)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Trademanager\WWUIUnits.dll ()
MOD - C:\Programme\Trademanager\protocol.dll ()
MOD - C:\Programme\Trademanager\P2PEnv.dll ()
MOD - C:\Programme\Trademanager\wwparams.dll ()
MOD - C:\WINDOWS\system32\aliedit\aliedit.dll ()
MOD - C:\Programme\Trademanager\zlibwapi.dll ()
MOD - C:\Programme\Trademanager\pcre.dll ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\catchme.sys File not found
DRV - (ALCXWDM) -- system32\drivers\ALCXWDM.SYS File not found
DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
DRV - (SISAGP) -- C:\WINDOWS\system32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation)
DRV - (RTL8192su) -- C:\WINDOWS\system32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (AN983) -- C:\WINDOWS\system32\drivers\an983.sys (ADMtek Incorporated.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {94CBD8FD-6FB9-42B4-AB6D-61548E7A9CCB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{94CBD8FD-6FB9-42B4-AB6D-61548E7A9CCB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\..\SearchScopes\{94CBD8FD-6FB9-42B4-AB6D-61548E7A9CCB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_de
IE - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=sb&qsrc=2869
IE - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.selectedEngine: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: info%40djzig.com:2.0.7
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0: C:\Programme\Trademanager\nptrademanager.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.12.05 12:31:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.12.05 12:31:01 | 000,000,000 | ---D | M]
[2011.06.18 11:01:09 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2012.12.12 00:15:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mbn5iapt.default\extensions
[2012.09.27 18:46:22 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mbn5iapt.default\extensions\ich@maltegoetz.de
[2012.10.13 18:52:25 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mbn5iapt.default\extensions\info@djzig.com
[2012.12.12 00:15:18 | 000,036,098 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mbn5iapt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012.11.23 14:59:22 | 000,804,627 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mbn5iapt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.05 12:30:58 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.05 12:31:25 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.05.31 10:16:36 | 000,108,576 | ---- | M] ( ) -- C:\Programme\mozilla firefox\plugins\nptrademanager.dll
[2012.11.20 08:13:26 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.20 08:13:26 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.11.20 08:13:26 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.20 08:13:26 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.20 08:13:26 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.20 08:13:26 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programme\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2012.12.12 14:44:54 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1343024091-1532298954-1606980848-500..\Run: [aliim] C:\Programme\Trademanager\AliIM.exe (Alibaba software (Shanghai) Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1343024091-1532298954-1606980848-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1308386768859 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01B4C92F-7AAC-4FC4-BF93-6A5CA9C6EF2A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66012CC5-D223-468B-9A99-ED68EEB016BC}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B6AD1CA-7E5C-4466-B2FE-5E23DD52C838}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AFD740A-90B1-4A7F-B421-2779609568AD}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.18 09:22:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.12 17:16:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.12.12 12:38:29 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.12.12 12:34:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.12.12 12:34:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.12.12 12:34:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.12.12 12:34:22 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.12.12 12:31:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.12 12:30:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.12.11 17:35:32 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.12.11 17:34:53 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Administrator\Desktop\tdsskiller.exe
[2012.12.11 00:35:41 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Symantec Shared
[2012.12.11 00:29:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2012.12.11 00:25:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Ashampoo
[2012.12.11 00:19:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2012.12.11 00:19:30 | 000,000,000 | ---D | C] -- C:\Programme\Ashampoo
[2012.12.10 23:28:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\18B64F789051B71F000018B636CBC086
[2012.12.10 19:57:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\AUSDRUCKEN
[2012.12.05 19:26:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\angsar
[2012.12.05 12:30:57 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.12.05 00:15:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Originals
[2012.12.04 12:16:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012.12.03 02:00:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Paint XP
[2012.12.03 02:00:52 | 000,000,000 | ---D | C] -- C:\Programme\Paint XP
[2012.11.21 17:38:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Booty
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.12 17:15:04 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.12 17:15:04 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.12 16:43:03 | 000,517,126 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.12.12 16:43:03 | 000,472,866 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.12 16:43:03 | 000,100,754 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.12.12 16:43:03 | 000,075,960 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.12 16:41:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.12 16:39:22 | 000,000,514 | ---- | M] () -- C:\WINDOWS\tasks\Automatische Problemsuche.job
[2012.12.12 16:38:40 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.12 16:38:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.12 14:44:54 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.12.12 12:38:47 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.12.12 12:17:06 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.12.12 12:17:05 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.12.11 21:38:13 | 000,034,816 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\photothumb.db
[2012.12.11 20:45:28 | 000,021,329 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\couch11.JPG
[2012.12.11 20:40:11 | 000,044,552 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\dffdfdd.jpg
[2012.12.11 17:34:54 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Administrator\Desktop\tdsskiller.exe
[2012.12.10 22:34:31 | 000,033,031 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\11420_0.jpg
[2012.12.10 22:34:15 | 000,033,932 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\11422_0.jpg
[2012.12.10 21:43:01 | 000,020,278 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\65108_381374541955934_1042475196_n.jpg
[2012.12.10 21:41:26 | 000,332,004 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\http-26-media-tumblr-com-tumblr_lxdvpwL2Ef1r4t35qo1_400-gif-spongebob-squarepants-28094298-458-322_large.png
[2012.12.10 21:38:20 | 006,844,137 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\penguifall.gif
[2012.12.10 21:37:49 | 000,461,127 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\tumblr_men3dxWjAM1rh85cao1_500.gif
[2012.12.10 21:36:57 | 000,546,935 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\tumblr_m0vv5yHpaq1rqdnodo1_500.gif
[2012.12.10 21:35:22 | 002,149,698 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\tumblr_md3cfyA6jF1rsxi4ao1_400_large.gif
[2012.12.10 21:35:04 | 000,060,035 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\1232109629_the evolution of man and woman.gif
[2012.12.10 17:49:05 | 000,022,309 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\0184782.jpg
[2012.12.10 17:48:39 | 000,058,555 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\0463201.jpg
[2012.12.10 17:47:24 | 000,044,552 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\0435670.jpg
[2012.12.09 22:41:34 | 000,079,794 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\6027566_460s.jpg
[2012.12.08 19:48:00 | 000,000,008 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\MagicEmotions.idx
[2012.12.08 19:28:29 | 000,138,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.05 00:45:39 | 000,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[2012.12.03 13:51:45 | 000,032,166 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\jdhfjdtumblr.rtf
[2012.12.03 13:05:50 | 000,001,537 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\nkjbhkjsbks.rtf
[2012.12.03 03:32:13 | 000,000,670 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\gfjfj.rtf
[2012.12.03 02:00:53 | 000,000,647 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint XP.lnk
[2012.11.24 21:12:49 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.11.22 06:23:37 | 000,007,683 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\colarezept deutsch.rtf
[2012.11.22 06:18:16 | 000,000,618 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\gvfghfghfvg.rtf
[2012.11.22 06:14:45 | 000,007,735 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\colarezept.rtf
[2012.11.19 05:33:21 | 000,000,224 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\gjfghfgh.rtf
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.12 12:38:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.12.12 12:38:41 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2012.12.12 12:34:23 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.12.12 12:34:23 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.12.12 12:34:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.12.12 12:34:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.12.12 12:34:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.12.11 20:45:28 | 000,021,329 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\couch11.JPG
[2012.12.11 20:40:10 | 000,044,552 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\dffdfdd.jpg
[2012.12.10 22:34:31 | 000,033,031 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\11420_0.jpg
[2012.12.10 22:34:14 | 000,033,932 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\11422_0.jpg
[2012.12.10 21:42:59 | 000,020,278 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\65108_381374541955934_1042475196_n.jpg
[2012.12.10 21:41:26 | 000,332,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\http-26-media-tumblr-com-tumblr_lxdvpwL2Ef1r4t35qo1_400-gif-spongebob-squarepants-28094298-458-322_large.png
[2012.12.10 21:38:18 | 006,844,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\penguifall.gif
[2012.12.10 21:37:48 | 000,461,127 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\tumblr_men3dxWjAM1rh85cao1_500.gif
[2012.12.10 21:36:56 | 000,546,935 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\tumblr_m0vv5yHpaq1rqdnodo1_500.gif
[2012.12.10 21:35:21 | 002,149,698 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\tumblr_md3cfyA6jF1rsxi4ao1_400_large.gif
[2012.12.10 21:35:02 | 000,060,035 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\1232109629_the evolution of man and woman.gif
[2012.12.10 17:49:04 | 000,022,309 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\0184782.jpg
[2012.12.10 17:48:38 | 000,058,555 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\0463201.jpg
[2012.12.10 17:47:23 | 000,044,552 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\0435670.jpg
[2012.12.09 22:41:27 | 000,079,794 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\6027566_460s.jpg
[2012.12.05 00:45:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012.12.04 20:53:12 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\MagicEmotions.idx
[2012.12.04 12:14:59 | 000,000,813 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Internet Explorer (ohne Add-Ons).lnk
[2012.12.03 13:51:45 | 000,032,166 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\jdhfjdtumblr.rtf
[2012.12.03 12:28:02 | 000,001,537 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\nkjbhkjsbks.rtf
[2012.12.03 03:32:13 | 000,000,670 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\gfjfj.rtf
[2012.12.03 02:00:53 | 000,000,647 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint XP.lnk
[2012.11.22 06:23:37 | 000,007,683 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\colarezept deutsch.rtf
[2012.11.22 06:18:16 | 000,000,618 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\gvfghfghfvg.rtf
[2012.11.22 06:14:43 | 000,007,735 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\colarezept.rtf
[2012.11.19 05:33:15 | 000,000,224 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\gjfghfgh.rtf
[2012.06.11 02:10:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.06.30 08:50:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.06.18 11:21:24 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2011.06.18 11:20:21 | 000,103,172 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2011.06.18 11:19:22 | 000,095,987 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2011.06.18 11:01:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.06.18 10:10:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.06.18 10:08:58 | 000,138,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.06.18 09:25:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.06.18 09:18:43 | 000,022,908 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2000.01.01 17:28:00 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2000.01.01 12:02:13 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{E12399B0-75A7-4FA4-B4BA-D29B08002CC8}
========== ZeroAccess Check ==========
[2011.06.18 10:09:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.04.25 15:47:19 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
"Extras.Txt" Code:
OTL Extras logfile created on: 12.12.2012 17:10:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,98 Mb Total Physical Memory | 537,41 Mb Available Physical Memory | 52,95% Memory free
1,64 Gb Paging File | 1,26 Gb Available in Paging File | 77,28% Paging File free
Paging file location(s): c:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,27 Gb Total Space | 21,89 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
Computer Name: KUNDE-5971BD14E | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1343024091-1532298954-1606980848-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1" = Paint XP version 1.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 27
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AliSetup" = AliSetup 0.1.0.52
"CCleaner" = CCleaner
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}" = Belkin USB Wireless Adaptor
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PhotoScape" = PhotoScape
"PowerTeacher_is1" = PowerTeacher Version 23.04.021
"PROSet" = Intel(R) PRO Network Connections Drivers
"SiS VGA Driver" = SiS VGA Utilities
"TradeManager 2012" = TradeManager 2012
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 1.1.4
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XP Codec Pack" = XP Codec Pack
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.12.2012 12:27:02 | Computer Name = KUNDE-5971BD14E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung aswmbr.exe, Version 0.9.9.1707, fehlgeschlagenes
Modul aswmbr.exe, Version 0.9.9.1707, Fehleradresse 0x00055072.
Error - 11.12.2012 18:00:44 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 11.12.2012 18:01:28 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 11.12.2012 18:03:07 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 11.12.2012 18:03:14 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 11.12.2012 18:03:15 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 12.12.2012 07:05:26 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 12.12.2012 07:05:53 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 12.12.2012 07:05:58 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 12.12.2012 07:05:58 | Computer Name = KUNDE-5971BD14E | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung AAMW_Guard.exe, Version 1.0.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 10.12.2012 19:55:51 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Symantec Eraser Control driver" wurde aufgrund folgenden
Fehlers nicht gestartet: %%31
Error - 10.12.2012 19:58:52 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Symantec Data Store" wurde aufgrund folgenden Fehlers
nicht gestartet: %%31
Error - 11.12.2012 17:39:49 | Computer Name = KUNDE-5971BD14E | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume1" ist im
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
wurde angehalten.
Error - 11.12.2012 17:41:04 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 11.12.2012 17:41:14 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
asc PCIIde SISAGP uagp35
Error - 12.12.2012 06:58:10 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 12.12.2012 07:32:36 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Starten Sie
den Dienst neu.) durchzuführen, ist fehlgeschlagen. Fehler: %%1056
Error - 12.12.2012 07:52:44 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7034
Description = Dienst "Ashampoo Anti-Malware WSC Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 12.12.2012 11:30:37 | Computer Name = KUNDE-5971BD14E | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_SYMEVENT\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 12.12.2012 11:41:05 | Computer Name = KUNDE-5971BD14E | Source = Service Control Manager | ID = 7022
Description = Der Dienst "SharedAccess" wurde nicht ordnungsgemäß gestartet.
< End of report >