OTL Extras logfile created on: 04.06.2010 09:29:56 - Run 1 OTL by OldTimer - Version 3.2.5.3 Folder = D:\Programme\admintools\OTL Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free Paging file location(s): C:\pagefile.sys 360 720 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 9,77 Gb Total Space | 1,09 Gb Free Space | 11,15% Space Free | Partition Type: NTFS Drive D: | 102,01 Gb Total Space | 10,70 Gb Free Space | 10,49% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LAPTOPP_TRAVELM Current User Name: admin Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 360 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html [@ = Opera.HTML] -- D:\Programme\Browser\Opera 10.10\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "D:\Programme\Browser\Opera 10.10\opera.exe" (Opera Software) https [open] -- "D:\Programme\Browser\Opera 10.10\opera.exe" (Opera Software) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Programme\Browser\Opera 10.10\opera.exe" = D:\Programme\Browser\Opera 10.10\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "D:\Programme\icq\ICQ6.5\ICQ.exe" = D:\Programme\icq\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional "{02D29CDE-779D-3082-85C9-4086A49A9390}" = Microsoft Visual C++ 2010 Beta 2 x86 Runtime - 10.0.21006 "{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 "{0DC48D87-CB1F-453D-BAB6-CCE877384E1C}" = Microsoft Sync Framework Services v1.0 SP1 Beta (x86) "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}" = Microsoft SQL Server Compact 3.5 DEU "{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53 "{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{2A7153F7-38EC-3398-BDB4-2A237E717EE9}" = Microsoft Visual Studio 2010 Professional Beta 2 - ENU "{3038CC3B-F786-4371-8594-6F0FE87A5230}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3D133CD6-EBDF-4C14-BBB9-5D3AE0BD7C58}" = Sygate Personal Firewall Pro "{40653574-F426-36BB-A1DC-3AD075E1EB3C}" = Microsoft Help 3.0 Beta 2 "{53FA14B9-A754-4568-819E-BE4270FDEE13}" = SQL Server 2008 R2 Management Objects "{57EC5BFE-7CB7-3057-8385-C9D72918511C}" = Microsoft .NET Framework 4 Client Profile Beta 2 "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePowerManagement "{5EFFD8C8-BE42-3A47-A5A6-1B3985FD1EC0}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools "{6E405B40-3879-3C9B-9286-8D5E71258C35}" = Microsoft .NET Framework 4 Extended Beta 2 "{736CE9DD-F589-485B-ACFF-78C235A57066}" = WinPatrol 2007 Step 2 "{84E00510-8474-3214-BEE8-67B9F344E4FC}" = Microsoft Visual F# Runtime 1.0 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver "{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA74ED37-681C-4AE8-8D1D-5485EBB3ED3D}" = SQL Server System CLR Types "{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4 "{AE386AEA-F4BC-4457-BF6B-495992437C82}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project "{AFF3DA8C-6E6B-4845-830C-1847F0421ABA}" = Microsoft Sync Framework Runtime v1.0 SP1 Beta (x86) "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B48DCEC2-BE3F-49C5-96F3-AB05E65C4EB4}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service "{BF7D87C5-CFC3-40C5-A367-24586EEBB8CA}" = BitDefender GameSafe "{C07B8BC4-AFD9-3AA4-BDF5-330A07591FDE}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE3B2257-BAAD-4EAF-BC4D-259582353A1B}" = Microsoft Sync Framework SDK v1.0 SP1 Beta "{CE65493C-EA18-3458-AA58-EEDB9D671528}" = Visual Studio 2010 Tools for Office Runtime Beta 2 (x86) "{D1B7B5F9-4FB7-48BE-9425-1C6930D67DD1}" = Visual Studio 2010 Beta 2 Tools for SQL Server Compact ENU "{D691C608-B6A6-3E9F-9457-4F0B8EE9DE25}" = Microsoft Office Development Tools for Visual Studio 2010 (x86) "{D73CBB43-E7F9-48A1-9F68-690F05392537}" = Crystal Reports for Visual Studio "{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU "{E9A6F23E-F603-4C73-A41B-5C6996DB3713}" = Microsoft Sync Services for ADO.NET v2.0 SP1 Beta (x86) "{F849775B-F39D-4EDD-A266-1A3E258F0498}" = Microsoft SQL Server Compact 3.5 SP2 Beta English "{FC2C89A7-76E2-32F1-A2C2-428B480F570E}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Beta 2 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Photoshop 6.0" = Adobe Photoshop 6.0 "CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_00641025" = SoftV92 Data Fax Modem with SmartCP "Conexant PCI Audio" = Conexant AC-Link Audio "HijackThis" = HijackThis 2.0.2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile Beta 2" = Microsoft .NET Framework 4 Client Profile Beta 2 "Microsoft .NET Framework 4 Extended Beta 2" = Microsoft .NET Framework 4 Extended Beta 2 "Microsoft Help 3.0 Beta 2" = Microsoft Help 3.0 Beta 2 "Microsoft Visual Studio 2010 Professional Beta 2 - ENU" = Microsoft Visual Studio 2010 Professional Beta 2 - ENU "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools "Mozilla Firefox (2.0.0.11)" = Mozilla Firefox (2.0.0.11) "Noki_is1" = Noki v1.6 "Open Ports Scanner_is1" = Open Ports Scanner 1.2 "Tweak UI 2.10" = Tweak UI "Visual Studio 2010 Tools for Office Runtime Beta 2 (x86)" = Visual Studio 2010 Tools for Office Runtime Beta 2 (x86) "VLC media player" = VideoLAN VLC media player 0.8.4a "Warcraft III" = Warcraft III "Windows XP Service Pack" = Windows XP Service Pack 3 "WinPatrol" = WinPatrol "WinPatrol 2007" = WinPatrol 2007 Restore/Remove First "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 22.03.2010 02:24:25 | Computer Name = LAPTOPP_TRAVELM | Source = vbexpress | ID = 0 Description = Error - 22.03.2010 02:38:33 | Computer Name = LAPTOPP_TRAVELM | Source = vbexpress | ID = 0 Description = Error - 23.03.2010 09:46:28 | Computer Name = LAPTOPP_TRAVELM | Source = MsiInstaller | ID = 11406 Description = Produkt: Wartungsplaner -- Fehler 1406. Wert Wartungsplaner 4.0 - Automatischer Check konnte nicht unter den Schlüssel \SOFTWARE\Microsoft\Windows\CurrentVersion\Run geschrieben werden. Systemfehler . Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung. [ System Events ] Error - 18.05.2010 05:21:40 | Computer Name = LAPTOPP_TRAVELM | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Presentation Foundation Font Cache 4.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Starten Sie den Dienst neu.. Error - 18.05.2010 05:21:44 | Computer Name = LAPTOPP_TRAVELM | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Presentation Foundation Font Cache 4.0.0.0" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Starten Sie den Dienst neu.. Error - 18.05.2010 05:21:52 | Computer Name = LAPTOPP_TRAVELM | Source = Service Control Manager | ID = 7034 Description = Dienst "Windows Presentation Foundation Font Cache 4.0.0.0" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error - 24.05.2010 03:10:24 | Computer Name = LAPTOPP_TRAVELM | Source = Service Control Manager | ID = 7034 Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.05.2010 07:34:33 | Computer Name = LAPTOPP_TRAVELM | Source = atapi | ID = 262153 Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error - 27.05.2010 07:34:47 | Computer Name = LAPTOPP_TRAVELM | Source = atapi | ID = 262153 Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht geantwortet. < End of report >