| |  50 Euro-Trojaner - PC gesperrt bei Verbindung mit dem Internet
 Hallo ihr,
ich habe das hier oft erwähnte Problem: bei Verbindung mit dem Internet kommt nach gewisser Zeit (oft gleich, manchmal auch erst nach 10 Minuten) ein schwarzer Bildschirm mit Zahlungsaufforderung ("WINDOWS GESPERRT etc.).
Ich brauche Hilfe! Ich bin alles andere als ein Experte.
Mein Betriebssystem ist XP Pro.
Der OTL-Scan sieht folgendermaßen aus: Zitat:
OTL logfile created on: 08.03.2012 21:38:04 - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = C:\Dokumente und Einstellungen\toff\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,45% Memory free
3,84 Gb Paging File | 3,30 Gb Available in Paging File | 85,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 51,98 Gb Total Space | 18,24 Gb Free Space | 35,09% Space Free | Partition Type: NTFS
Computer Name: APFELMUS | User Name: toff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.03.08 21:37:34 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\toff\Desktop\OTL.exe
PRC - [2011.07.01 13:37:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.28 13:14:13 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.18 18:56:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.27 10:58:24 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.05.20 23:59:32 | 000,305,152 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\swriter.exe
PRC - [2010.05.20 23:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.20 23:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2007.06.13 14:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.01.31 22:24:28 | 000,147,456 | ---- | M] (Lenovo) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2006.01.31 22:23:08 | 000,040,960 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2006.01.31 22:19:26 | 000,409,600 | ---- | M] (Lenovo) -- C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe
PRC - [2006.01.31 22:12:04 | 000,098,304 | ---- | M] (Lenovo) -- C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe
PRC - [2005.12.21 18:34:58 | 000,077,824 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
PRC - [2005.12.21 18:27:00 | 000,032,768 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Common\Logger\logmon.exe
PRC - [2005.12.21 18:20:56 | 001,384,448 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
PRC - [2005.12.21 18:13:20 | 002,369,072 | ---- | M] (Lenovo Group Limited) -- C:\Programme\IBM ThinkVantage\Client Security Solution\pwmgr.exe
PRC - [2005.12.21 18:08:02 | 001,996,336 | ---- | M] (Lenovo Group Limited) -- C:\Programme\IBM ThinkVantage\Client Security Solution\cssauth.exe
PRC - [2005.12.21 17:17:54 | 000,722,480 | ---- | M] (IBM) -- C:\Programme\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
PRC - [2005.12.14 11:51:12 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2005.12.01 01:09:00 | 000,073,728 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2005.11.15 13:13:24 | 000,049,152 | R--- | M] (Utimaco Safeware AG) -- C:\Programme\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe
PRC - [2005.11.01 15:04:02 | 000,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2005.10.28 19:08:32 | 000,335,872 | ---- | M] (Google Inc.) -- C:\Programme\Picasa2\PicasaMediaDetector.exe
PRC - [2005.10.26 00:44:30 | 000,086,016 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
PRC - [2005.09.15 13:57:42 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005.08.01 17:32:40 | 000,040,960 | ---- | M] () -- C:\Programme\ThinkVantage\SystemUpdate\UCLauncherService.exe
PRC - [2005.08.01 05:10:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005.07.05 14:57:12 | 000,077,824 | ---- | M] () -- C:\Programme\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
PRC - [2005.06.06 21:26:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
PRC - [2004.07.27 16:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
========== Modules (No Company Name) ==========
MOD - [2011.03.18 18:56:37 | 001,874,904 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2010.11.18 10:43:04 | 000,166,400 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxslt.dll
MOD - [2010.09.27 11:03:08 | 000,201,512 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2010.06.17 14:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.05.04 15:36:28 | 000,970,752 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2006.01.31 22:24:24 | 000,413,696 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcSvcHlpr.dll
MOD - [2006.01.31 22:23:58 | 000,188,416 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcGolan.dll
MOD - [2006.01.31 22:23:24 | 000,114,688 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcLocMigrator.dll
MOD - [2006.01.31 22:23:08 | 000,073,728 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll
MOD - [2006.01.31 22:23:08 | 000,040,960 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
MOD - [2006.01.31 22:22:56 | 000,499,712 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\ACon.dll
MOD - [2006.01.31 22:19:06 | 000,007,680 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\ACTurinSupport.dll
MOD - [2006.01.31 22:14:36 | 000,094,208 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\ThinQCon.dll
MOD - [2006.01.31 22:02:14 | 000,090,112 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcSvcStub.dll
MOD - [2006.01.31 22:00:02 | 000,143,360 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgr.dll
MOD - [2006.01.31 21:59:56 | 000,077,824 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
MOD - [2006.01.31 21:59:50 | 000,151,552 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\AcLocSettings.dll
MOD - [2006.01.31 21:59:26 | 000,069,632 | ---- | M] () -- C:\Programme\ThinkPad\ConnectUtilities\ACHelper.dll
MOD - [2006.01.25 01:03:00 | 000,057,344 | ---- | M] () -- C:\Programme\ThinkVantage\PrdCtr\GR\LPRESMGR.DLL
MOD - [2005.12.21 18:34:58 | 000,077,824 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
MOD - [2005.12.21 18:27:00 | 000,032,768 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Common\Logger\logmon.exe
MOD - [2005.12.21 18:23:06 | 000,139,264 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Rescue and Recovery\CDRecord.dll
MOD - [2005.12.21 18:20:56 | 001,384,448 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
MOD - [2005.12.21 18:19:10 | 000,155,648 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Rescue and Recovery\ui.dll
MOD - [2005.12.21 18:19:02 | 000,069,632 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Rescue and Recovery\zlib.dll
MOD - [2005.12.21 18:15:14 | 000,671,744 | ---- | M] () -- C:\Programme\IBM ThinkVantage\Rescue and Recovery\rr_res.dll
MOD - [2005.12.07 01:12:00 | 000,073,728 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL
MOD - [2005.12.07 01:12:00 | 000,040,960 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL
MOD - [2005.11.30 20:16:02 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\tphklock.dll
MOD - [2005.11.28 11:59:16 | 000,876,544 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005.11.28 11:59:16 | 000,208,965 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005.11.28 11:59:16 | 000,053,322 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\IntStngs.dll
MOD - [2005.11.17 02:22:00 | 000,057,344 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\GR\EZMAPRES.DLL
MOD - [2005.10.28 20:29:52 | 000,208,896 | ---- | M] () -- C:\Programme\Lenovo\PkgMgr\HOTKEY\tpfnf7.dll
MOD - [2005.08.05 21:22:58 | 000,081,920 | ---- | M] () -- C:\Programme\ThinkPad\TpShocks\MUI\0407\TpShocks.dll
MOD - [2005.08.01 17:32:40 | 000,040,960 | ---- | M] () -- C:\Programme\ThinkVantage\SystemUpdate\UCLauncherService.exe
MOD - [2005.08.01 17:32:36 | 000,147,456 | ---- | M] () -- C:\Programme\ThinkVantage\SystemUpdate\UCLauncherCommon.dll
MOD - [2005.07.20 03:34:28 | 000,126,976 | ---- | M] () -- C:\Programme\ThinkVantage\AMSG\ahlprunl.dll
MOD - [2005.07.05 23:45:08 | 000,028,672 | ---- | M] () -- C:\WINDOWS\system32\notifyf2.dll
MOD - [2005.07.05 14:57:12 | 000,077,824 | ---- | M] () -- C:\Programme\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
MOD - [2005.06.30 03:54:50 | 000,180,224 | ---- | M] () -- C:\Programme\ThinkVantage\AMSG\AcpPollingEngine.dll
MOD - [2005.06.06 21:26:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (PsaSrv)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2012.02.15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.07.01 13:37:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.28 13:14:13 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.27 10:58:24 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2006.01.31 22:24:28 | 000,147,456 | ---- | M] (Lenovo) [Auto | Running] -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2006.01.31 22:23:08 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2005.12.21 18:34:58 | 000,077,824 | ---- | M] () [Auto | Running] -- C:\Programme\IBM ThinkVantage\Common\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2005.12.21 18:20:56 | 001,384,448 | ---- | M] () [Auto | Running] -- C:\Programme\IBM ThinkVantage\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2005.12.21 17:17:54 | 000,722,480 | ---- | M] (IBM) [Auto | Running] -- C:\Programme\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe -- (TSSCoreService)
SRV - [2005.12.14 11:51:12 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005.12.01 01:09:00 | 000,073,728 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2005.11.01 15:04:02 | 000,258,103 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2005.08.01 17:32:40 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Programme\ThinkVantage\SystemUpdate\UCLauncherService.exe -- (UCLauncherService)
SRV - [2005.06.06 21:26:22 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.08.11 00:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Windows Media Connect\mswmccds.exe -- (WmcCds) Windows Media Connect (WMC)
SRV - [2004.08.10 21:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Connect\mswmcls.exe -- (WmcCdsLs)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011.07.01 13:37:31 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.01 13:37:31 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.13 23:36:20 | 000,016,256 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2010.09.27 10:56:00 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.16 17:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007.11.14 18:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007.01.18 19:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.01.13 00:33:22 | 000,006,016 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2005.12.21 17:14:58 | 000,012,544 | ---- | M] (IBM) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ibmfilter.sys -- (ibmfilter)
DRV - [2005.12.07 01:12:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2005.12.01 01:09:00 | 000,005,120 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2005.11.30 01:51:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint)
DRV - [2005.11.30 01:51:00 | 000,009,343 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI)
DRV - [2005.11.28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005.11.27 07:36:08 | 001,427,968 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005.11.21 02:41:00 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2005.11.15 13:11:28 | 000,046,142 | R--- | M] (Utimaco Safeware AG) [Kernel | Auto | Running] -- C:\Programme\IBM ThinkVantage\SafeGuard PrivateDisk\privatediskm.sys -- (PrivateDisk)
DRV - [2005.11.08 09:27:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2005.11.01 14:53:14 | 001,342,122 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2005.11.01 14:51:06 | 000,056,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005.08.01 05:10:00 | 000,092,700 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005.08.01 05:10:00 | 000,087,004 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005.08.01 05:10:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005.08.01 05:10:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005.08.01 05:10:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005.08.01 05:10:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005.08.01 05:10:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005.07.07 09:03:34 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005.07.07 09:02:56 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lenovo.com/de/de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com/de/de
IE - HKCU\..\SearchScopes,DefaultScope = Google
IE - HKCU\..\SearchScopes\Google: "URL" = hxxp://www.google.com/search?sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&q=%s
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.lemonde.fr/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.04 11:41:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.03.24 22:09:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.01.04 11:41:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011.09.14 23:09:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2010.11.19 01:24:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\toff\Anwendungsdaten\Mozilla\Extensions
[2012.03.03 21:27:42 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\toff\Anwendungsdaten\Mozilla\Firefox\Profiles\xpd9hs47.default\extensions
[2011.03.24 22:09:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\TOFF\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\XPD9HS47.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.01.04 11:41:56 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video> -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011.03.18 18:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.11.24 23:00:39 | 000,001,017 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 ar.atwola.com
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [cssauth] C:\Programme\IBM ThinkVantage\Client Security Solution\cssauth.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [ISUSPM Startup] c:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] c:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [PDService.exe] C:\Programme\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [suScheduler] C:\Programme\ThinkVantage\SystemUpdate\UCLauncher.exe ()
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKCU..\Run: [SkypeM] C:\Dokumente und Einstellungen\toff\Lokale Einstellungen\Anwendungsdaten\Skype\Skype.exe (Activision Blizzard, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINDOWS\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : IBM Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ThinkPad-Software - Aktualisierung - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Programme\Lenovo\PkgMgr\\PkgMgr.exe ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab (Java Plug-in 1.4.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Programme\TXJLkIgyXCÁ½Ëucjxaunp.exe\ucjxaunp.exe) - File not found
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\tpfnf2: DllName - (notifyf2.dll) - C:\WINDOWS\System32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - (tphklock.dll) - C:\WINDOWS\System32\tphklock.dll ()
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.13 23:46:27 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.03.08 21:37:29 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\toff\Desktop\OTL.exe
[2012.03.04 20:44:30 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2012.03.03 21:04:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.03.03 21:04:35 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2012.03.03 15:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCDr
[2012.03.03 09:46:58 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\toff\Recent
[2012.03.02 23:32:08 | 000,057,344 | ---- | C] (Activision Blizzard, Inc.) -- C:\WINDOWS\System32\a.exe
[2012.02.22 12:04:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\toff\Startmenü\Programme\Verwaltung
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.08 21:40:59 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012.03.08 21:37:34 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\toff\Desktop\OTL.exe
[2012.03.08 21:32:10 | 000,002,423 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk
[2012.03.08 21:32:07 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.03.08 21:20:27 | 000,000,122 | -H-- | M] () -- C:\Dokumente und Einstellungen\toff\Desktop\.~lock.Antrag Prüfungsausschuss.odt#
[2012.03.08 18:35:53 | 000,013,386 | ---- | M] () -- C:\Dokumente und Einstellungen\toff\Desktop\2012 Ermäßigungsantrag.pdf
[2012.03.08 18:22:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.04 18:22:01 | 000,011,244 | ---- | M] () -- C:\Dokumente und Einstellungen\toff\Eigene Dateien\FTSV.odt
[2012.03.03 18:00:13 | 000,009,570 | ---- | M] () -- C:\Dokumente und Einstellungen\toff\Desktop\Vorlage Exzerpt.odt
[2012.03.02 23:32:09 | 000,057,344 | ---- | M] (Activision Blizzard, Inc.) -- C:\WINDOWS\System32\a.exe
[2012.03.01 17:01:07 | 000,012,427 | ---- | M] () -- C:\Dokumente und Einstellungen\toff\Desktop\Antrag Prüfungsausschuss.odt
[2012.02.16 14:35:40 | 000,008,839 | ---- | M] () -- C:\Dokumente und Einstellungen\toff\Desktop\Semesterplan.ods
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.08 21:20:27 | 000,000,122 | -H-- | C] () -- C:\Dokumente und Einstellungen\toff\Desktop\.~lock.Antrag Prüfungsausschuss.odt#
[2012.03.08 18:35:52 | 000,013,386 | ---- | C] () -- C:\Dokumente und Einstellungen\toff\Desktop\2012 Ermäßigungsantrag.pdf
[2012.03.03 17:04:40 | 000,011,244 | ---- | C] () -- C:\Dokumente und Einstellungen\toff\Eigene Dateien\FTSV.odt
[2012.02.24 17:33:07 | 000,012,427 | ---- | C] () -- C:\Dokumente und Einstellungen\toff\Desktop\Antrag Prüfungsausschuss.odt
[2011.09.24 19:57:26 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2010.12.25 14:31:24 | 000,006,144 | ---- | C] () -- C:\Dokumente und Einstellungen\toff\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.11 23:35:16 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.12.11 23:35:15 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.12.11 23:35:11 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.12.11 23:35:11 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.12.11 23:35:10 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.12.09 19:25:48 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010.11.14 00:06:48 | 000,002,458 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2010.11.14 00:03:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2010.11.14 00:03:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2010.11.14 00:01:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2010.11.14 00:01:05 | 000,000,487 | ---- | C] () -- C:\WINDOWS\System32\IPSCTRL.INI
[2010.11.13 23:46:21 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\toff\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2010.11.13 23:38:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2010.11.13 23:38:26 | 000,016,384 | ---- | C] () -- C:\WINDOWS\PWMBTHLP.EXE
[2010.11.13 23:38:25 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2010.11.13 23:38:10 | 000,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2010.11.13 23:36:19 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\psasrv.exe
[2010.11.13 23:32:10 | 000,000,040 | ---- | C] () -- C:\WINDOWS\System32\profile.dat
[2010.11.13 23:30:40 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2010.11.13 23:30:40 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2010.11.13 23:30:40 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2010.11.13 23:30:40 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2010.11.13 23:30:40 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2010.11.13 23:30:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2010.11.13 23:29:37 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2010.11.13 23:29:18 | 000,000,148 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.11.13 23:20:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2010.11.13 23:19:42 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2010.11.13 23:18:34 | 000,147,520 | ---- | C] () -- C:\WINDOWS\_tpiu000.exe
[2010.11.13 23:18:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\TpKmpSvc.exe
[2010.09.27 11:03:08 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2010.09.27 10:57:26 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
< End of report >
| Zitat:
OTL Extras logfile created on: 08.03.2012 21:38:04 - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = C:\Dokumente und Einstellungen\toff\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 70,45% Memory free
3,84 Gb Paging File | 3,30 Gb Available in Paging File | 85,77% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 51,98 Gb Total Space | 18,24 Gb Free Space | 35,09% Space Free | Partition Type: NTFS
Computer Name: APFELMUS | User Name: toff | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Opera\opera.exe" "%1"
https [open] -- "C:\Programme\Opera\opera.exe" "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\ThinkVantage\SystemUpdate\jre\bin\javaw.exe" = C:\Programme\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update -- (IBM)
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ThinkVantage\SystemUpdate\jre\bin\javaw.exe" = C:\Programme\ThinkVantage\SystemUpdate\jre\bin\javaw.exe:*:Enabled:ThinkVantage System Update -- (IBM)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{1CE60928-8325-49A8-8B06-633E48DD2B67}" = Cisco Systems VPN Client 5.0.07.0410
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Dienstprogramm 'ThinkPad-Tastaturanpassung'
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2A43FF29-0D97-4445-B82D-9324F176AED5}" = ThinkVantage System Update
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{72806716-7088-41B2-8FA6-717A2A164DAB}" = ThinkVantage System für aktiven Festplattenschutz
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}" = ThinkPad-UltraNav-Assistent
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{BF90215F-2D7B-4C84-8A24-A03BC41B95DD}" = Rescue and Recovery - Client Security Solution
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkPad
"{E5072660-B723-422B-BB74-EAA300BF716B}" = System Migration Assistant
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"{EA664480-3844-11D5-8C25-444553540000}" = Funktion "TrackPoint-Eingabehilfen"
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F386C340-DF4B-4BBA-9503-420FB7EDB395}" = Wallpapers
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"{F6A04D96-C6D7-498C-9099-BCAD0D99778D}" = Diskeeper Lite
"{FC081D4D-DF1B-4CF1-B530-027E4118D846}" = ThinkPad-Konfiguration
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AwayTask" = ThinkVantage Away Manager
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"DivX Setup" = DivX-Setup
"InstallShield_{E922961C-6DB6-41DE-9FEA-426DF3E9F81C}" = IBM 32-bit Runtime Environment for Java 2, v1.4.2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.6.0
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"Mozilla Thunderbird 10.0.2 (x86 de)" = Mozilla Thunderbird 10.0.2 (x86 de)
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"PCMCIAPW" = ThinkPad PC Card Power Policy
"Picasa2" = Picasa 2
"Power Management Driver" = ThinkPad Power Management Driver
"Presentation Director" = ThinkPad-Präsentationsdirektor
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Remove Multimedia Center" = Remove Multimedia Center
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"ThinkPadSoftwareInstaller" = Software Installer
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.03.2012 05:55:38 | Computer Name = APFELMUS | Source = COM+ | ID = 135761
Description = In der Laufzeitumgebung wurde ein inkonsistenter interner Status erkannt.
Dies deutet auf eine potenzielle Instabilität des Prozesses hin. Diese Instabilität
wird durch die in der COM+-Anwendung ausgeführten benutzerdefinierten Komponenten,
die von ihnen verwendeten Komponenten oder durch andere Faktoren verursacht. Fehler
in d:\qxp_slp\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 80080005:
InitEventCollector fail
Error - 03.03.2012 05:55:38 | Computer Name = APFELMUS | Source = VSS | ID = 12292
Description = Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse
mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80080005] ist ein Fehler aufgetreten.
Error - 03.03.2012 05:55:40 | Computer Name = APFELMUS | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {66CDB13A-CCAE-42FE-B6DC-9B6E46740F59}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
d:\qxp_slp\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.308 s
Error - 03.03.2012 05:55:45 | Computer Name = APFELMUS | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {7F81C6A6-C308-4160-B3B0-53EE3BA75EDA}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
d:\qxp_slp\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.308 s
Error - 03.03.2012 06:04:13 | Computer Name = APFELMUS | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {60C3BB8D-993D-4A73-821B-7396CDB9514E}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
d:\qxp_slp\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.308 s
Error - 03.03.2012 06:04:13 | Computer Name = APFELMUS | Source = COM+ | ID = 135761
Description = In der Laufzeitumgebung wurde ein inkonsistenter interner Status erkannt.
Dies deutet auf eine potenzielle Instabilität des Prozesses hin. Diese Instabilität
wird durch die in der COM+-Anwendung ausgeführten benutzerdefinierten Komponenten,
die von ihnen verwendeten Komponenten oder durch andere Faktoren verursacht. Fehler
in d:\qxp_slp\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 80080005:
InitEventCollector fail
Error - 03.03.2012 06:04:13 | Computer Name = APFELMUS | Source = VSS | ID = 12292
Description = Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse
mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80080005] ist ein Fehler aufgetreten.
Error - 03.03.2012 06:04:16 | Computer Name = APFELMUS | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {F728A96B-E037-48CB-8934-515602961601}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
d:\qxp_slp\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.308 s
Error - 03.03.2012 06:04:22 | Computer Name = APFELMUS | Source = COM+ | ID = 135894
Description = Ein aufgetretener Zustand zeigt an, dass die COM+-Anwendung einen
instabilen Status hat oder nicht ordnungsgemäß funktioniert. Assertionsfehler: SUCCEEDED(hr)
Serveranwendungs-ID:
{02D4B3F1-FD88-11D1-960D-00805FC79235} Serveranwendungsinstanz-ID: {0F46B27C-8392-4F39-A91A-262B53D8D32B}
Serveranwendungsname:
System Application Da ein schwerwiegender Fehler vorliegt, wurde der Prozess beendet.
Fehlercode
= 0x8000ffff: Schwerwiegender Fehler COM+-Dienste - interne Informationen: Datei:
d:\qxp_slp\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Zeile: 3000 Dateiversion
von 'Comsvcs.dll': ENU 2001.12.4414.308 s
Error - 07.03.2012 04:49:20 | Computer Name = APFELMUS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung tvtsched.exe, Version 3.0.9.0, fehlgeschlagenes
Modul tvtsched.exe, Version 3.0.9.0, Fehleradresse 0x00001ffa.
[ System Events ]
Error - 05.03.2012 07:59:56 | Computer Name = APFELMUS | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse
0013029A488B wurde durch den DHCP-Server 132.230.201.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 06.03.2012 06:39:23 | Computer Name = APFELMUS | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Intel(R) PRO/1000 PL Network Connection" (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
wurde ohne vorbereitende Maßnahmen vom System entfernt.
Error - 06.03.2012 15:08:07 | Computer Name = APFELMUS | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Intel(R) PRO/1000 PL Network Connection" (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
wurde ohne vorbereitende Maßnahmen vom System entfernt.
Error - 06.03.2012 17:33:00 | Computer Name = APFELMUS | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Intel(R) PRO/1000 PL Network Connection" (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
wurde ohne vorbereitende Maßnahmen vom System entfernt.
Error - 07.03.2012 04:49:09 | Computer Name = APFELMUS | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 07.03.2012 04:50:55 | Computer Name = APFELMUS | Source = Service Control Manager | ID = 7034
Description = Dienst "TVT Scheduler" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 07.03.2012 12:51:42 | Computer Name = APFELMUS | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Intel(R) PRO/1000 PL Network Connection" (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
wurde ohne vorbereitende Maßnahmen vom System entfernt.
Error - 07.03.2012 15:00:45 | Computer Name = APFELMUS | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Intel(R) PRO/1000 PL Network Connection" (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
wurde ohne vorbereitende Maßnahmen vom System entfernt.
Error - 07.03.2012 18:44:29 | Computer Name = APFELMUS | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Intel(R) PRO/1000 PL Network Connection" (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
wurde ohne vorbereitende Maßnahmen vom System entfernt.
Error - 08.03.2012 16:20:11 | Computer Name = APFELMUS | Source = PlugPlayManager | ID = 12
Description = Das Gerät "Intel(R) PRO/1000 PL Network Connection" (PCI\VEN_8086&DEV_109A&SUBSYS_200117AA&REV_00\4&192ac53f&0&00E0)
wurde ohne vorbereitende Maßnahmen vom System entfernt.
< End of report >
| Schonmal vielen Dank im Voraus für eure Antwort!
VG Toff
|
08.03.2012, 22:03
Baum-Darstellung