Trojaner-Board - Rechner soll nach Trojanerbefall vollständig sauber werden

Code:

# AdwCleaner v2.009 - Datei am 27/11/2012 um 22:13:20 erstellt

# Aktualisiert am 24/11/2012 von Xplode

# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)

# Benutzer : Administrator - EGAL

# Bootmodus : Normal

# Ausgeführt unter : C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\StartSearch
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v6.0.2900.5512
 

[OK] Die Registrierungsdatenbank ist sauber.
 

*************************
 

AdwCleaner[S1].txt - [662 octets] - [27/11/2012 22:13:20]
 

########## EOF - C:\AdwCleaner[S1].txt - [721 octets] ##########

OTL Logfile:

Code:

OTL logfile created on: 27.11.2012 22:18:05 - Run 5

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1015,23 Mb Total Physical Memory | 568,98 Mb Available Physical Memory | 56,04% Memory free

2,36 Gb Paging File | 1,91 Gb Available in Paging File | 80,96% Paging File free

Paging file location(s): S:\pagefile.sys 1500 1500 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 40,00 Gb Total Space | 20,41 Gb Free Space | 51,01% Space Free | Partition Type: NTFS

Drive S: | 1,95 Gb Total Space | 0,48 Gb Free Space | 24,37% Space Free | Partition Type: NTFS

 

Computer Name: EGAL | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)

PRC - C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)

PRC - C:\Programme\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)

PRC - C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

PRC - C:\Programme\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)

PRC - C:\Programme\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()

MOD - C:\Programme\Avira\AntiVir Desktop\libxml2.dll ()

MOD - C:\Programme\Avira\AntiVir Desktop\cares.dll ()

MOD - C:\Programme\VMware\VMware Player\zlib1.dll ()

MOD - C:\Programme\VMware\VMware Player\libxml2.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)

SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (VMnetDHCP) -- C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)

SRV - (VMware NAT Service) -- C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)

SRV - (VMAuthdService) -- C:\Programme\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)

SRV - (VMUSBArbService) -- C:\Programme\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)

SRV - (ufad-ws60) -- C:\Programme\VMware\VMware Player\vmware-ufad.exe (VMware, Inc.)

SRV - (postgresql-8.4) -- C:\Programme\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)

SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found

DRV - (huawei_enumerator) -- system32\DRIVERS\ew_jubusenum.sys File not found

DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found

DRV - (Changer) --  File not found

DRV - (catchme) -- C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\catchme.sys File not found

DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)

DRV - (vmci) -- C:\WINDOWS\system32\drivers\vmci.sys (VMware, Inc.)

DRV - (vmx86) -- C:\WINDOWS\system32\drivers\vmx86.sys (VMware, Inc.)

DRV - (VMparport) -- C:\WINDOWS\system32\drivers\vmparport.sys (VMware, Inc.)

DRV - (vmkbd) -- C:\WINDOWS\system32\drivers\VMkbd.sys (VMware, Inc.)

DRV - (VMnetBridge) -- C:\WINDOWS\system32\drivers\vmnetbridge.sys (VMware, Inc.)

DRV - (VMnetuserif) -- C:\WINDOWS\system32\drivers\vmnetuserif.sys (VMware, Inc.)

DRV - (hcmon) -- C:\WINDOWS\system32\drivers\hcmon.sys (VMware, Inc.)

DRV - (VMnetAdapter) -- C:\WINDOWS\system32\drivers\vmnetadapter.sys (VMware, Inc.)

DRV - (avmeject) -- C:\WINDOWS\system32\drivers\avmeject.sys (AVM Berlin)

DRV - (vstor2-ws60) -- C:\Programme\VMware\VMware Player\vstor2-ws60.sys (VMware, Inc.)

DRV - (truecrypt) -- C:\WINDOWS\system32\drivers\truecrypt.sys (TrueCrypt Foundation)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)

DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)

DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)

DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)

DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)

DRV - (ATSWPDRV) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)

DRV - (HP24X) -- C:\WINDOWS\system32\drivers\HP24X.sys (Hewlett Packard)

DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)

DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)

DRV - (BDA_Loader_220) -- C:\WINDOWS\system32\drivers\BDA_Loader_220.sys (WideView Technology Inc.)

DRV - (BDA_Capture_220) -- C:\WINDOWS\system32\drivers\BDA_Capture_220.sys (WideViewer Electronics CO., LTD)

DRV - (DTV_Loader_2X1) -- C:\WINDOWS\system32\drivers\DTV_Loader_2X1.sys (WideView Technology Inc.)

DRV - (DTV_Capture_2X0) -- C:\WINDOWS\system32\drivers\DTV_Capture_2X0.sys (Computer & Entertainment, Inc.)

DRV - (d347prt) -- C:\WINDOWS\system32\drivers\d347prt.sys ( )

DRV - (d347bus) -- C:\WINDOWS\system32\drivers\d347bus.sys ( )

DRV - (sonyhcs) -- C:\WINDOWS\system32\drivers\sonyhcs.sys (Sony Corporation)

DRV - (sonyhcb) -- C:\WINDOWS\system32\drivers\sonyhcb.sys (Sony Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKLM\..\SearchScopes,DefaultScope = 

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-515967899-1788223648-1417001333-1004\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-515967899-1788223648-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-515967899-1788223648-1417001333-500\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-515967899-1788223648-1417001333-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\S-1-5-21-515967899-1788223648-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledAddons: maps@ovi.com:5.9.2.0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.19 21:51:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.11.25 12:20:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.11.25 12:12:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins

 

[2012.01.11 16:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions

[2012.11.22 22:17:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\hamgehrx.default\extensions

[2012.07.28 12:22:39 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\hamgehrx.default\extensions\maps@ovi.com

[2012.11.22 22:17:41 | 000,530,519 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\hamgehrx.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2012.03.05 15:40:50 | 000,000,003 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\hamgehrx.default\extensions\maps@ovi.com\plugins\package.XPI

[2012.11.25 12:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.11.25 12:17:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

[2012.10.27 20:40:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁

[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2012.06.20 17:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll

[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2012.11.26 22:57:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKU\S-1-5-21-515967899-1788223648-1417001333-500..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)

O4 - Startup: C:\Dokumente und Einstellungen\jens\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-515967899-1788223648-1417001333-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-515967899-1788223648-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - Z:\games\PokerStars\PokerStarsUpdate.exe File not found

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Programme\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)

O15 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\..Trusted Ranges: Range1 ([*] in Lokales Intranet)

O15 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\..Trusted Ranges: Range2 ([*] in Lokales Intranet)

O15 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\..Trusted Ranges: Range3 ([*] in Lokales Intranet)

O15 - HKU\S-1-5-21-515967899-1788223648-1417001333-500\..Trusted Ranges: Range4 ([*] in Lokales Intranet)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1279617201375 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1279628346296 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)

O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)

O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.7.0_09)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://192.168.178.210:2000/activex/RACtrl.cab (Performance Viewer Activex Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{900CA7C7-783C-429E-BC86-C39D87DB9847}: NameServer = 192.168.178.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.07.20 09:25:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.11.26 22:47:39 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2012.11.26 22:45:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2012.11.26 22:45:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2012.11.26 22:45:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2012.11.26 22:45:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2012.11.26 22:45:16 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012.11.26 22:45:12 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Verwaltung

[2012.11.26 22:45:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt

[2012.11.25 21:00:29 | 000,000,000 | ---D | C] -- C:\avminftmp

[2012.11.25 18:56:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVM

[2012.11.25 12:20:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Winamp Detector Plug-in

[2012.11.25 12:20:55 | 000,000,000 | ---D | C] -- C:\Programme\Winamp Detect

[2012.11.25 12:17:01 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012.11.25 12:17:01 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012.11.25 12:17:01 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012.11.25 12:13:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2012.11.25 12:12:59 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service

[2012.11.25 10:13:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\vlc

[2012.11.25 10:11:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN

[2012.11.24 20:42:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2012.11.24 15:21:25 | 000,000,000 | ---D | C] -- C:\My Pictures

[2012.11.23 22:23:22 | 000,000,000 | ---D | C] -- C:\DivX Movies

[2012.11.22 22:38:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java

[2012.11.22 22:37:47 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012.11.21 21:18:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktoplinks

[2012.11.21 21:14:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe

[2012.11.21 21:07:11 | 000,000,000 | R--D | C] -- C:\Sandbox

[2012.11.21 21:04:14 | 000,000,000 | ---D | C] -- C:\Programme\Sandboxie

[2012.11.21 21:04:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sandboxie

[2012.11.19 22:55:40 | 000,000,000 | ---D | C] -- C:\Programme\hjackthis

[2012.11.19 22:35:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

[2012.11.19 22:34:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2012.11.10 18:34:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\TV-Browser

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.11.27 22:15:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.11.27 22:15:50 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.11.27 22:14:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.11.27 22:08:51 | 000,001,740 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Default.rdp

[2012.11.27 21:53:00 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012.11.27 21:32:30 | 000,001,408 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini

[2012.11.26 22:57:19 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2012.11.26 22:47:47 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2012.11.25 12:14:49 | 000,404,920 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012.11.25 10:42:41 | 000,008,192 | ---- | M] () -- C:\dvb4.GRF

[2012.11.25 10:41:18 | 000,013,824 | ---- | M] () -- C:\dvb.GRF

[2012.11.25 09:45:01 | 000,015,360 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.11.24 21:17:25 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\MBR.dat

[2012.11.24 21:05:07 | 000,003,240 | ---- | M] () -- C:\WINDOWS\WINCMD.INI

[2012.11.24 20:47:27 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2012.11.24 20:24:50 | 000,000,052 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2012.11.24 15:27:05 | 000,000,974 | ---- | M] () -- C:\WINDOWS\wininit.ini

[2012.11.22 22:46:01 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012.11.22 22:40:49 | 000,453,104 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2012.11.22 22:40:49 | 000,436,544 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012.11.22 22:40:49 | 000,082,742 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2012.11.22 22:40:49 | 000,069,834 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012.11.22 22:37:29 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll

[2012.11.22 22:37:26 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe

[2012.11.22 22:37:26 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe

[2012.11.22 22:37:26 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe

[2012.11.22 22:37:26 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl

[2012.11.22 22:37:25 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll

[2012.11.22 22:37:25 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll

[2012.11.21 21:37:15 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\plohe3bf.exe

[2012.11.21 21:14:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe

[2012.11.21 21:04:14 | 000,000,764 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Sandboxed Web Browser.lnk

[2012.11.21 20:59:25 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205923.reg

[2012.11.21 20:59:13 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205911.reg

[2012.11.21 20:58:59 | 000,000,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205856.reg

[2012.11.21 20:58:29 | 000,000,882 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205826.reg

[2012.11.21 20:58:01 | 000,100,660 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205756.reg

[2012.11.19 21:51:42 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Mozilla Firefox.lnk

[2012.11.16 22:14:22 | 000,138,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.11.16 18:48:24 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012.11.14 20:54:11 | 000,112,584 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avfwot.sys

[2012.11.14 20:54:11 | 000,092,008 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avfwim.sys

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.11.26 22:47:47 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2012.11.26 22:47:41 | 000,262,448 | RHS- | C] () -- C:\cmldr

[2012.11.26 22:45:28 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012.11.26 22:45:28 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012.11.26 22:45:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012.11.26 22:45:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012.11.26 22:45:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012.11.24 20:24:36 | 000,000,052 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2012.11.23 21:16:20 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\MBR.dat

[2012.11.22 22:40:59 | 000,002,299 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk

[2012.11.21 21:37:14 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\plohe3bf.exe

[2012.11.21 21:04:37 | 000,000,764 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Sandboxed Web Browser.lnk

[2012.11.21 21:04:34 | 000,001,408 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini

[2012.11.21 20:59:24 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205923.reg

[2012.11.21 20:59:12 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205911.reg

[2012.11.21 20:58:57 | 000,000,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205856.reg

[2012.11.21 20:58:28 | 000,000,882 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205826.reg

[2012.11.21 20:57:58 | 000,100,660 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20121121_205756.reg

[2012.11.19 21:51:42 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk

[2012.11.19 21:51:42 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Mozilla Firefox.lnk

[2012.08.21 21:04:49 | 000,728,384 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat

[2012.08.18 12:34:29 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012.06.24 18:12:50 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll

[2012.05.07 17:38:08 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2012.02.15 17:35:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011.04.23 12:13:26 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\$_hpcst$.hpc

[2011.02.19 12:28:43 | 001,174,000 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll

[2011.02.19 12:28:43 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4873.dll

[2011.02.19 12:28:43 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll

[2011.01.05 20:38:38 | 000,061,254 | ---- | C] () -- C:\Programme\EULA.deu

[2010.08.16 19:36:56 | 000,000,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\machpro.dat

[2010.08.08 10:13:28 | 000,015,360 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2005.05.26 02:17:16 | 000,110,657 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\UninstallDrv.exe

 
 ========== ZeroAccess Check ==========

 

[2010.07.20 11:11:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both
 

< End of report >

--- --- ---

OTL Logfile:

Code:

OTL Extras logfile created on: 27.11.2012 22:18:05 - Run 5

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1015,23 Mb Total Physical Memory | 568,98 Mb Available Physical Memory | 56,04% Memory free

2,36 Gb Paging File | 1,91 Gb Available in Paging File | 80,96% Paging File free

Paging file location(s): S:\pagefile.sys 1500 1500 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 40,00 Gb Total Space | 20,41 Gb Free Space | 51,01% Space Free | Partition Type: NTFS

Drive S: | 1,95 Gb Total Space | 0,48 Gb Free Space | 24,37% Space Free | Partition Type: NTFS

 

Computer Name: EGAL | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

 

[HKEY_USERS\S-1-5-21-515967899-1788223648-1417001333-500\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [ACDBrowse] -- C:\Programme\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)

Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Programme\VMware\VMware Player\vmware-authd.exe" = C:\Programme\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)

"C:\Programme\wincmd\WINCMD32.EXE" = C:\Programme\wincmd\WINCMD32.EXE:*:Disabled:Windows Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)

"C:\Programme\VMware\VMware Player\vmware-authd.exe" = C:\Programme\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)

"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Disabled:Google Earth -- (Google)

"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)

"C:\Programme\Xming\Xming.exe" = C:\Programme\Xming\Xming.exe:*:Disabled:Xming X Server -- ()

"C:\Programme\Winamp\winamp.exe" = C:\Programme\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1

"{2222706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 SDK

"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37

"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{32A3A4F4-B792-11D6-A78A-00B0D0170040}" = Java SE Development Kit 7 Update 4

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install

"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A6F0720-739C-408B-966F-93091631A918}" = 

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player

"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch

"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU

"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU

"{CDA1ADA3-BBB4-4250-B272-AC21C78C3968}" = HP PCMCIA Smart Card Reader

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux

"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom NetXtreme Ethernet Controller

"{DBBE5C26-72B7-4E01-950D-86BDE35918ED}" = Embedded Security for HP ProtectTools Driver

"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2

"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"7-Zip" = 7-Zip 4.65

"ACDSee 32" = ACDSee 32

"Adobe AIR" = Adobe AIR

"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2

"Agere Systems Soft Modem" = Agere Systems HDA Modem

"Avira AntiVir Desktop" = Avira Internet Security 2012

"Broadcom 802.11b Network Adapter" = Broadcom 802.11-WLAN-Adapter

"DivX Setup.divx.com" = DivX-Setup

"EasyGPS_is1" = EasyGPS 4.29

"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"ImgBurn" = ImgBurn

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)

"Mozilla Thunderbird 17.0 (x86 en-US)" = Mozilla Thunderbird 17.0 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"PostgreSQL 8.4" = PostgreSQL 8.4

"Sandboxie" = Sandboxie 3.74 (32-bit)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Totalcmd" = Total Commander (Remove or Repair)

"TrueCrypt" = TrueCrypt

"tvbrowser" = TV-Browser 2.7.5

"VLC media player" = VLC media player 2.0.4

"VMware_Player" = VMware Player

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"Winamp" = Winamp

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"YTdetect" = Yahoo! Detect

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-515967899-1788223648-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Winamp Detect" = Winamp Detector Plug-in

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:25 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 23.11.2012 16:20:26 | Computer Name = NB6710B | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

[ System Events ]

Error - 24.11.2012 06:57:48 | Computer Name = NB6710B | Source = Service Control Manager | ID = 7023

Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048

 

Error - 24.11.2012 07:18:35 | Computer Name = NB6710B | Source = Service Control Manager | ID = 7009

Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Mobile

 Partner. OUC.

 

Error - 24.11.2012 07:18:35 | Computer Name = NB6710B | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 

nicht gestartet:   %%1053

 

Error - 24.11.2012 07:18:35 | Computer Name = NB6710B | Source = Service Control Manager | ID = 7023

Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048

 

Error - 24.11.2012 10:12:35 | Computer Name = NB6710B | Source = Service Control Manager | ID = 7009

Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Mobile

 Partner. OUC.

 

Error - 24.11.2012 10:12:35 | Computer Name = NB6710B | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 

nicht gestartet:   %%1053

 

Error - 24.11.2012 10:12:35 | Computer Name = NB6710B | Source = Service Control Manager | ID = 7023

Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048

 

Error - 25.11.2012 08:35:49 | Computer Name = EGAL | Source = Print | ID = 6161

Description = Das Dokument eventim.de, im Besitz von jens, konnte nicht auf dem 

Drucker Canon MP510 Printer gedruckt werden. Datentyp: NT EMF 1.008. Größe der Warteschlangendatei

 in Bytes: 24272. Anzahl der gedruckten Bytes: 0. Gesamtanzahl der Seiten des Dokuments:

 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\EGAL. Vom Druckprozessor 

zurückgelieferter Win32-Fehlercode: 2 (0x2). 

 

Error - 25.11.2012 08:36:43 | Computer Name = EGAL | Source = Print | ID = 6161

Description = Das Dokument eventim.de, im Besitz von jens, konnte nicht auf dem 

Drucker Canon MP510 Printer gedruckt werden. Datentyp: NT EMF 1.008. Größe der Warteschlangendatei

 in Bytes: 65536. Anzahl der gedruckten Bytes: 0. Gesamtanzahl der Seiten des Dokuments:

 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\EGAL. Vom Druckprozessor 

zurückgelieferter Win32-Fehlercode: 2 (0x2). 

 

Error - 25.11.2012 14:16:32 | Computer Name = EGAL | Source = Service Control Manager | ID = 7023

Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048

 

 

< End of report >

--- --- ---