| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: probleme beim booten von rescue cd's (bitdefender und kaspersky) mittels usb stick,Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
27.03.2013, 18:05
| #11 |
 |  probleme beim booten von rescue cd's (bitdefender und kaspersky) mittels usb stick, ah ja ok ich poste die lofiles gleich nochmal. Welche Rescue CD nutzt du denn?? Keine?? Warum nicht?? OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.03.2013 21:32:26 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = F:\Kesemeckesch\Programme\Programm setups Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,50 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 68,09% Memory free 3,35 Gb Paging File | 2,90 Gb Available in Paging File | 86,40% Paging File free Paging file location(s): C:\pagefile.sys 2046 4004 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme Drive C: | 15,03 Gb Total Space | 6,34 Gb Free Space | 42,20% Space Free | Partition Type: NTFS Drive D: | 22,23 Gb Total Space | 20,21 Gb Free Space | 90,94% Space Free | Partition Type: NTFS Drive F: | 232,83 Gb Total Space | 16,07 Gb Free Space | 6,90% Space Free | Partition Type: FAT32 Drive G: | 3,75 Gb Total Space | 3,49 Gb Free Space | 93,09% Space Free | Partition Type: FAT32 Computer Name: X-061AEDDB178F4 | User Name: 1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - F:\Jessie\Programme\Programm setups\OTL.exe (OldTimer Tools) PRC - D:\Programme\Firefox\firefox.exe (Mozilla Corporation) PRC - D:\Programme\Avira\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - D:\Programme\Avira\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - D:\Programme\Avira\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - D:\Programme\Avira\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) PRC - D:\Programme\Avira\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) PRC - C:\Dokumente und Einstellungen\1\Desktop\Netzwerk\ULB Münster\Neuer Ordner\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\WINXP\explorer.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - D:\Programme\Firefox\mozjs.dll () MOD - D:\Programme\Avira\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\WINXP\system32\vpnapi.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU () MOD - C:\WINXP\system32\msdmo.dll () MOD - C:\WINXP\system32\bcm1xsup.dll () ========== Services (SafeList) ========== SRV - (JavaQuickStarterService) -- D:\Programme\Java\bin\jqs.exe File not found SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirSchedulerService) -- D:\Programme\Avira\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- D:\Programme\Avira\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- D:\Programme\Avira\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) SRV - (CVPND) -- C:\Dokumente und Einstellungen\1\Desktop\Netzwerk\ULB Münster\Neuer Ordner\cvpnd.exe (Cisco Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (UIUSys) -- system32\drivers\UIUSys.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (catchme) -- C:\DOKUME~1\1\LOKALE~1\Temp\catchme.sys File not found DRV - (avkmgr) -- C:\WINXP\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (avipbb) -- C:\WINXP\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\WINXP\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (ssmdrv) -- C:\WINXP\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (FWLANUSB) -- C:\WINXP\system32\drivers\fwlanusb.sys (AVM GmbH) DRV - (avmeject) -- C:\WINXP\system32\drivers\avmeject.sys (AVM Berlin) DRV - (CVPNDRVA) -- C:\WINXP\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (DNE) -- C:\WINXP\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (vsdatant) -- C:\WINXP\system32\vsdatant.sys (Zone Labs, LLC) DRV - (CVirtA) -- C:\WINXP\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (b57w2k) -- C:\WINXP\system32\drivers\b57xp32.sys (Broadcom Corporation) DRV - (ati2mtag) -- C:\WINXP\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (HSF_DPV) -- C:\WINXP\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.) DRV - (HSFHWICH) -- C:\WINXP\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINXP\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (STAC97) -- C:\WINXP\system32\drivers\stac97.sys (SigmaTel, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm IE - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\..\SearchScopes,DefaultScope = {F8D12DDA-AE73-425D-B983-2CFD1BC01D53} IE - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\..\SearchScopes\{F8D12DDA-AE73-425D-B983-2CFD1BC01D53}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: keyconfig%40petricek.net:0.3.1 FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINXP\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programme\Pdf_xchanger\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Programme\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programme\Pdf_xchanger\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Programme\Pdf_xchanger\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: D:\Programme\lib\deploy\jqs\ff [2011.12.24 08:44:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: D:\Programme\Firefox\components [2013.03.19 19:10:01 | 000,000,000 | ---D | M] [2012.06.09 20:21:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\1\Anwendungsdaten\Mozilla\Extensions [2013.03.19 16:40:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\1\Anwendungsdaten\Mozilla\Firefox\Profiles\t8eblrfg.default\extensions [2012.06.30 23:08:26 | 000,011,621 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\1\Anwendungsdaten\Mozilla\Firefox\Profiles\t8eblrfg.default\extensions\keyconfig@petricek.net.xpi [2013.03.19 16:40:06 | 000,754,446 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\1\Anwendungsdaten\Mozilla\Firefox\Profiles\t8eblrfg.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi O1 HOSTS File: ([2001.08.23 13:30:00 | 000,000,820 | ---- | M]) - C:\WINXP\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - D:\Programme\Babylon\Utils\BabylonIEPI.dll (Babylon Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programme\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINXP\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-2052111302-1935655697-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Translate this web page with Babylon - D:\Programme\Babylon\Utils\BabylonIEPI.dll (Babylon Ltd.) O8 - Extra context menu item: Translate with Babylon - D:\Programme\Babylon\Utils\BabylonIEPI.dll (Babylon Ltd.) O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - D:\Programme\Babylon\Utils\BabylonIEPI.dll (Babylon Ltd.) O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - D:\Programme\Babylon\Utils\BabylonIEPI.dll (Babylon Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - D:\Programme\Avira\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9206402B-693E-4FFB-AD25-F21F584614F6}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINXP\system32\userinit.exe) - C:\WINXP\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINXP\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.12.23 23:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.03.27 16:23:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\1\Anwendungsdaten\LibreOffice [2013.03.27 16:22:25 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LibreOffice 4.0 [2013.03.27 16:22:25 | 000,000,000 | ---D | C] -- C:\WINXP\System64 [2013.03.27 12:48:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth [2013.03.25 15:01:06 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2013.03.25 14:37:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\1\Anwendungsdaten\Malwarebytes [2013.03.25 14:36:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2013.03.25 14:36:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2013.03.25 14:36:51 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINXP\System32\drivers\mbam.sys [2013.03.25 14:36:51 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2013.03.25 14:31:58 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013.03.25 14:24:53 | 000,000,000 | ---D | C] -- C:\WINXP\temp [2013.03.25 14:17:10 | 000,000,000 | RHSD | C] -- C:\cmdcons [2013.03.25 10:07:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINXP\SWREG.exe [2013.03.25 10:07:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINXP\SWSC.exe [2013.03.25 10:07:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINXP\SWXCACLS.exe [2013.03.25 10:07:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINXP\NIRCMD.exe [2013.03.22 22:21:13 | 000,228,600 | ---- | C] (AVAST Software) -- C:\WINXP\System32\aswBoot.exe [2013.03.22 22:17:55 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software [2013.03.22 22:08:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software [2013.03.19 21:18:56 | 000,000,000 | ---D | C] -- C:\WINXP\System32\SoftwareDistribution [4 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ] [1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.27 20:47:00 | 000,001,080 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job [2013.03.27 17:30:33 | 000,002,458 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk [2013.03.27 17:30:24 | 000,001,076 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job [2013.03.27 17:29:28 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat [2013.03.27 17:29:23 | 000,146,808 | ---- | M] () -- C:\WINXP\System32\FNTCACHE.DAT [2013.03.27 16:22:25 | 000,000,693 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\LibreOffice 4.0.lnk [2013.03.27 12:48:48 | 000,001,883 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk [2013.03.27 00:20:51 | 005,292,054 | ---- | M] () -- C:\Dokumente und Einstellungen\1\Desktop\hab nix.bmp [2013.03.26 16:17:02 | 000,000,365 | ---- | M] () -- C:\Dokumente und Einstellungen\1\Desktop\Verknüpfung mit Bewerbungen.lnk [2013.03.25 21:46:47 | 000,002,239 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2013.03.25 17:57:10 | 000,002,206 | ---- | M] () -- C:\WINXP\System32\wpa.dbl [2013.03.25 14:17:14 | 000,000,323 | RHS- | M] () -- C:\boot.ini [2013.03.22 22:21:13 | 000,002,951 | ---- | M] () -- C:\WINXP\System32\CONFIG.NT [2013.03.22 17:08:34 | 000,017,322 | ---- | M] () -- C:\Dokumente und Einstellungen\1\Desktop\Neu OpenDocument Text.odt [2013.03.22 03:00:47 | 004,718,592 | -H-- | M] () -- C:\Dokumente und Einstellungen\1\NTUSER.bak [2013.03.21 21:49:44 | 000,012,822 | ---- | M] () -- C:\Dokumente und Einstellungen\1\Desktop\Unbenannt 1.odt [2013.03.21 21:49:41 | 000,008,219 | ---- | M] () -- C:\Dokumente und Einstellungen\1\Desktop\Neu OpenDocument Tabellendokument.ods [2013.03.20 21:35:32 | 000,009,026 | ---- | M] () -- C:\Dokumente und Einstellungen\1\Desktop\Neu OpenDocument Präsentation.odp [2013.03.07 04:02:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\WINXP\System32\aswBoot.exe [2013.03.06 15:13:37 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINXP\System32\drivers\avkmgr.sys [2013.02.27 12:22:36 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINXP\System32\drivers\avipbb.sys [2013.02.27 12:22:36 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINXP\System32\drivers\avgntflt.sys [4 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ] [1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.27 16:22:25 | 000,000,693 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\LibreOffice 4.0.lnk [2013.03.27 12:48:48 | 000,001,883 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk [2013.03.27 00:20:50 | 005,292,054 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Desktop\hab nix.bmp [2013.03.26 16:17:00 | 000,000,365 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Desktop\Verknüpfung mit Bewerbungen.lnk [2013.03.25 14:17:14 | 000,000,207 | ---- | C] () -- C:\Boot.bak [2013.03.25 14:17:12 | 000,262,448 | RHS- | C] () -- C:\cmldr [2013.03.25 10:07:50 | 000,256,000 | ---- | C] () -- C:\WINXP\PEV.exe [2013.03.25 10:07:50 | 000,208,896 | ---- | C] () -- C:\WINXP\MBR.exe [2013.03.25 10:07:50 | 000,098,816 | ---- | C] () -- C:\WINXP\sed.exe [2013.03.25 10:07:50 | 000,080,412 | ---- | C] () -- C:\WINXP\grep.exe [2013.03.25 10:07:50 | 000,068,096 | ---- | C] () -- C:\WINXP\zip.exe [2013.03.21 21:49:31 | 000,012,822 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Desktop\Unbenannt 1.odt [2013.03.21 19:26:26 | 000,017,322 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Desktop\Neu OpenDocument Text.odt [2013.03.20 21:35:32 | 000,009,026 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Desktop\Neu OpenDocument Präsentation.odp [2013.03.20 19:41:39 | 000,008,219 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Desktop\Neu OpenDocument Tabellendokument.ods [2012.06.26 17:16:56 | 000,000,236 | ---- | C] () -- C:\WINXP\Brpfx04a.ini [2012.06.26 17:16:56 | 000,000,093 | ---- | C] () -- C:\WINXP\brpcfx.ini [2012.06.26 17:16:33 | 000,000,425 | ---- | C] () -- C:\WINXP\BRWMARK.INI [2012.06.26 17:16:33 | 000,000,027 | ---- | C] () -- C:\WINXP\BRPP2KA.INI [2012.06.26 17:15:47 | 000,000,050 | ---- | C] () -- C:\WINXP\System32\bridf08a.dat [2012.06.26 17:15:38 | 000,106,496 | ---- | C] () -- C:\WINXP\System32\BrMuSNMP.dll [2012.06.26 17:15:38 | 000,000,091 | ---- | C] () -- C:\WINXP\Brfaxrx.ini [2012.06.26 17:15:38 | 000,000,000 | ---- | C] () -- C:\WINXP\brdfxspd.dat [2012.06.23 00:04:33 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db [2012.02.07 22:59:44 | 000,015,873 | ---- | C] () -- C:\WINXP\System32\Inetde.dll [2012.01.12 00:37:00 | 000,000,664 | ---- | C] () -- C:\WINXP\System32\d3d9caps.dat [2011.12.28 17:40:06 | 000,022,528 | ---- | C] () -- C:\Dokumente und Einstellungen\1\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.24 19:14:36 | 000,000,056 | -H-- | C] () -- C:\WINXP\System32\ezsidmv.dat [2011.12.24 01:50:30 | 000,086,016 | ---- | C] () -- C:\WINXP\System32\preflib.dll [2011.12.24 01:50:29 | 000,757,760 | ---- | C] () -- C:\WINXP\System32\bcm1xsup.dll [2011.12.24 01:50:29 | 000,018,944 | ---- | C] () -- C:\WINXP\System32\WLTRYSVC.EXE [2011.12.24 01:37:30 | 000,104,376 | ---- | C] () -- C:\WINXP\System32\atiicdxx.dat [2011.12.23 23:49:39 | 004,718,592 | -H-- | C] () -- C:\Dokumente und Einstellungen\1\NTUSER.bak [2011.12.23 23:40:14 | 000,002,048 | --S- | C] () -- C:\WINXP\bootstat.dat [2011.12.23 23:33:27 | 000,021,740 | ---- | C] () -- C:\WINXP\System32\emptyregdb.dat [2011.12.23 23:10:45 | 000,004,073 | ---- | C] () -- C:\WINXP\ODBCINST.INI [2011.12.23 23:06:38 | 000,146,808 | ---- | C] () -- C:\WINXP\System32\FNTCACHE.DAT ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2008.04.14 07:52:12 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.03.2013 21:32:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Jessy\Programme\Programm setups
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,50 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 68,09% Memory free
3,35 Gb Paging File | 2,90 Gb Available in Paging File | 86,40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4004 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 15,03 Gb Total Space | 6,34 Gb Free Space | 42,20% Space Free | Partition Type: NTFS
Drive D: | 22,23 Gb Total Space | 20,21 Gb Free Space | 90,94% Space Free | Partition Type: NTFS
Drive F: | 232,83 Gb Total Space | 16,07 Gb Free Space | 6,90% Space Free | Partition Type: FAT32
Drive G: | 3,75 Gb Total Space | 3,49 Gb Free Space | 93,09% Space Free | Partition Type: FAT32
Computer Name: X-061AEDDB178F4 | User Name: 1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Programme\Azureus\Azureus.exe" = D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- (Aelitis)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1CE60928-8325-49A8-8B06-633E48DD2B67}" = Cisco Systems VPN Client 5.0.07.0410
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}" = LibreOffice 4.0.1.2
"{6E315D6D-0F1C-4C27-920B-807B4F57C8B2}" = Brother MFL-Pro Suite MFC-5890CN
"{7E369B27-13E2-41A5-9879-358EE1C8B5AD}" = Broadcom Gigabit Integrated Controller
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Azureus" = Azureus
"Babylon" = Babylon
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.92 Modem
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PokerStars" = PokerStars
"VLC media player" = VLC media player 1.1.11
"Windows XP Service Pack" = Windows XP Service Pack 3
"XP Codec Pack" = XP Codec Pack
"Zattoo4" = Zattoo4 4.0.5
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.06.2012 05:22:39 | Computer Name = X-061AEDDB178F4 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 4.0.0.226, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x001f0d50.
[ System Events ]
Error - 25.03.2013 16:02:30 | Computer Name = X-061AEDDB178F4 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 25.03.2013 16:02:42 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DHCP-Client" ist vom Dienst "NetBios über TCP/IP" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 25.03.2013 16:02:42 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 25.03.2013 16:02:42 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 25.03.2013 16:02:42 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 25.03.2013 16:02:42 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD avipbb avkmgr Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ssmdrv Tcpip WS2IFSL
Error - 25.03.2013 16:04:04 | Computer Name = X-061AEDDB178F4 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 26.03.2013 04:17:11 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Java Quick Starter" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 27.03.2013 03:56:37 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Java Quick Starter" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 27.03.2013 09:00:40 | Computer Name = X-061AEDDB178F4 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Java Quick Starter" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
< End of report >
uni nein. Privat ja >>>> war halt ne geckrackte cd die grad zur hand war. Professional kann ja nicht verkehrt sein dachte ich.... Servus Jerry Geändert von Järald (27.03.2013 um 18:14 Uhr) |
| Themen zu probleme beim booten von rescue cd's (bitdefender und kaspersky) mittels usb stick, |
| arbeitsspeicher, bitdefender, booten, defender, desktop, fat32, folge, folgende, kaputt, kaspersky, laptop, laufwerk, melde, meldet, passwort, probleme, rechner, rescue, scan, stick, usb, usb stick, vermutliche, versuche, virus |
Baum-Darstellung