We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Windows XP fails to install updates - help!
johnchocolate
Posts: 9 Forumite
in Techie Stuff
Hi there.
I am running Windows XP home edition 2002 (in German, just to complicate matters...) and recently it has been failing to install the downloaded updates. These now number about ten, and are mostly security fixes, so I am a bit concerned.
I read that SP3 can cause this problem, so have uninstalled it, but to no avail.
I have recently done a thorough virus scan (Avast) and found a trojan in an email folder. However, this has had no effect on the problem.
I have carried out the recommended actions on the Microsoft support page (#943144) but again with no luck.
If anyone can help me with this then I'll be extremely grateful!
I am running Windows XP home edition 2002 (in German, just to complicate matters...) and recently it has been failing to install the downloaded updates. These now number about ten, and are mostly security fixes, so I am a bit concerned.
I read that SP3 can cause this problem, so have uninstalled it, but to no avail.
I have recently done a thorough virus scan (Avast) and found a trojan in an email folder. However, this has had no effect on the problem.
I have carried out the recommended actions on the Microsoft support page (#943144) but again with no luck.
If anyone can help me with this then I'll be extremely grateful!
0
Comments
-
The fact youve found a trojan concerns me
Download MALWAREBYTES (Click 'DOWNLOAD NOW')
http://www.download.com/Malwarebytes-Anti-Malware/3000-18510_4-10804572.html?cdlPid=10997763
UPDATE and FULL scan
Post the log here after its deleted everything
Download HIJACK THIS (Click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
reboot
SCAN and post the log so we can see whats running
:idea:0 -
Hi again.
Many thanks for the quick reply. I have now done those two things. However, this page won't let me post the results because they have hyperlinks in!
I tried using the "remove links" button but they reappear after I press submit!
Hmmm...0 -
Hi again.
I've tried taking out the "htpp://"s to see if that will get rid of the links, and hopefully allow me to post here.
Scan results below:
Malwarebytes' Anti-Malware 1.36
Database version: 2075
Windows 5.1.2600 Service Pack 2
05/05/09 07:42:40
mbam-log-2009-05-05 (07-42-35).txt
Scan type: Full Scan (C:\|)
Objects scanned: 158669
Time elapsed: 1 hour(s), 50 minute(s), 12 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Inline Attachment Follows
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:51:38, on 05/05/09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avast Antivirus\Avast4\aswUpdSv.exe
C:\Programme\Avast Antivirus\Avast4\ashServ.exe
C:\WINDOWS\V0470Mon.exe
C:\PROGRA~1\AVASTA~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\IrCOMM2k\irmon2k.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Programme\Avast Antivirus\Avast4\ashMaiSv.exe
C:\Programme\Avast Antivirus\Avast4\ashWebSv.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\Programme\Avast Antivirus\Avast4\setup\avast.setup
C:\Programme\Mozilla Thunderbird\thunderbird.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = .tiscali.co.uk/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = .google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Tiscali
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [V0470Mon.exe] C:\WINDOWS\V0470Mon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\AVASTA~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: IrDA Monitor.lnk = C:\Programme\IrCOMM2k\irmon2k.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL= .tiscali.co.uk
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1241379109984
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Avast Antivirus\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Avast Antivirus\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Avast Antivirus\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Avast Antivirus\Avast4\ashWebSv.exe
O23 - Service: BCA2000 Control Panel Service (bca2ksrvc) - Unknown owner - C:\WINDOWS\system32\bca2ksrvc.exe (file missing)
O23 - Service: Folder Size (FolderSize) - Brio - C:\Programme\FolderSize\FolderSizeSvc.exe
O23 - Service: Virtueller Infrarot-Kommunikationsanschluß, Dienstprogramm (IrCOMM2kSvc) - Jan Kiszka - (no file)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 5534 bytes0 -
TICK these in hijack then FIX them ~
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} -
O23 - Service: BCA2000 Control Panel Service (bca2ksrvc) - Unknown owner - C:\WINDOWS\system32\bca2ksrvc.exe (file missing)
O23 - Service: Virtueller Infrarot-Kommunikationsanschluß, Dienstprogramm (IrCOMM2kSvc) - Jan Kiszka - (no file)
Please run COMBOFIX
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be)
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe')
The logs going to have quite a lot of links in im afraid but I could really do with seeing it (Or post all that you can):idea:0 -
Hi there.
I had the same problem with posting ("no links allowed") so I have uploaded the log file to here:
www. brentfoe. com / combofix%20log.txt
(NB I had to insert spaces in the address to get this posted)
Thanks again.0 -
Here ya go.. Just to make life easier. :money:
PsiComboFix 09-05-04.A3 - ************* 05/05/09 19:42.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.49.1031.18.509.299 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\******\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090505-0] *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((( Dateien erstellt von 2009-04-05 bis 2009-05-05 ))))))))))))))))))))))))))))))
.
2009-04-27 15:04 . 2009-04-27 16:57
d
w c:\windows\SxsCaPendDel
2009-04-25 14:25 . 2009-04-25 14:25
d
w c:\windows\Cookies
2009-04-23 08:42 . 2009-04-23 08:42
d
w c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-05 18:22 . 2008-03-09 13:53
d
w c:\programme\Mozilla Thunderbird
2009-05-04 21:46 . 2009-05-04 21:46
d
w c:\programme\Trend Micro
2009-05-04 21:46 . 2009-05-04 21:45
d
w c:\programme\Malwarebytes' Anti-Malware
2009-04-28 11:48 . 2003-04-02 19:00 72526 ----a-w c:\windows\system32\perfc007.dat
2009-04-28 11:48 . 2003-04-02 19:00 411392 ----a-w c:\windows\system32\perfh007.dat
2009-04-28 11:20 . 2004-04-16 16:01 76487 ----a-w c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-04-26 17:41 . 2008-02-02 15:48
d
w c:\programme\WYSIWYG Web Builder 5
2009-04-23 08:44 . 2005-04-02 15:20
d
w c:\programme\QuickTime
2009-04-06 14:32 . 2009-05-04 21:45 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 14:32 . 2009-05-04 21:46 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-03-11 11:12 . 2009-03-11 11:12 10838016 ----a-w c:\windows\system32\SET3D.tmp
2008-12-20 13:19 . 2007-12-27 22:12 67688 ----a-w c:\programme\mozilla firefox\components\jar50.dll
2008-12-20 13:19 . 2007-12-27 22:12 54368 -c--a-w c:\programme\mozilla firefox\components\jsd3250.dll
2008-12-20 13:19 . 2007-12-27 22:12 34944 ----a-w c:\programme\mozilla firefox\components\myspell.dll
2008-12-20 13:19 . 2007-12-27 22:12 46712 ----a-w c:\programme\mozilla firefox\components\spellchk.dll
2008-12-20 13:19 . 2007-12-27 22:12 172136 -c--a-w c:\programme\mozilla firefox\components\xpinstal.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-04-11 32768]
"avast!"="c:\progra~1\AVASTA~1\Avast4\ashDisp.exe" [2009-02-05 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Adobe Gamma Loader.exe.lnk - c:\programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe [2006-2-24 108544]
IrDA Monitor.lnk - c:\programme\IrCOMM2k\irmon2k.exe [2004-12-12 40960]
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\AutorunsDisabled
Microsoft Office.lnk - c:\programme\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588]
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"Midi1"= rddv1009.dll
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.exe.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^IrDA Monitor.lnk]
backup=c:\windows\pss\IrDA Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^PsiWin 2.3 Connection Server.lnk]
backup=c:\windows\pss\PsiWin 2.3 Connection Server.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^RtlWake.lnk]
backup=c:\windows\pss\RtlWake.lnkCommon Startup
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^*******^Startmenü^Programme^Autostart^Watch.lnk]
backup=c:\windows\pss\Watch.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [05/06/08 09:56 114768]
R1 cdrblock;cdrblock;c:\windows\system32\drivers\cdrblock.sys [03/09/06 20:14 10368]
R1 cdrport;cdrport;c:\windows\system32\drivers\cdrport.sys [03/09/06 20:14 4608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [05/06/08 09:56 20560]
R2 IrDA2k;IrDA2k Protocol;c:\windows\system32\drivers\irda2k.sys [12/12/04 20:35 246272]
R3 EKBfltr;ENE Keyboard KB-3886;c:\windows\system32\drivers\EKBfltr.sys [16/04/04 17:18 5376]
R3 IrCOMM2k;Virtual IR COM Port;c:\windows\system32\drivers\ircomm2k.sys [12/12/04 20:34 30336]
R3 IrDAFw2k;IrDA Forward Adapter;c:\windows\system32\drivers\irdafw2k.sys [12/12/04 20:36 8576]
R3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\drivers\V0470Vid.sys [11/05/08 17:53 146368]
S2 bca2ksrvc;BCA2000 Control Panel Service;c:\windows\system32\bca2ksrvc.exe --> c:\windows\system32\bca2ksrvc.exe [?]
S2 IrCOMM2kSvc;Virtueller Infrarot-Kommunikationsanschluß, Dienstprogramm; [x]
S2 NULOAD;Behringer BCA2000 Bootloader;c:\windows\system32\Drivers\bca2000ldr.sys --> c:\windows\system32\Drivers\bca2000ldr.sys [?]
S3 BCA2000;Behringer BCA-2000;c:\windows\system32\Drivers\bca2000.sys --> c:\windows\system32\Drivers\bca2000.sys [?]
S3 RDID1003;EDIROL UM-2;c:\windows\system32\drivers\Rdwm1003.sys [14/01/07 16:27 66530]
S3 RDID1009;EDIROL UM-1 USB Driver;c:\windows\system32\drivers\rdwm1009.sys [24/05/06 19:49 60730]
S3 rtl8180;Realtek RTL8180 Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\RTL8180.sys [16/04/04 17:19 171392]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72b5c5de-02ef-11dd-b351-0040cac7f8f4}]
\Shell\AutoRun\command - h:\truecrypt\TrueCrypt.exe /q background /lP /e /m rm /v "trousers"
\Shell\dismount\command - h:\truecrypt\TrueCrypt.exe /q /d
\Shell\start\command - h:\truecrypt\TrueCrypt.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a02ec234-3cb0-11dd-b404-0040cac7f8f4}]
\Shell\AutoRun\command - h:\wd_windows_tools\Setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a02ec235-3cb0-11dd-b404-0040cac7f8f4}]
\Shell\AutoRun\command - h:\truecrypt\TrueCrypt.exe /q background /lS /e /m rm /v "Secure"
\Shell\dismount\command - h:\truecrypt\TrueCrypt.exe /q /d
\Shell\start\command - h:\truecrypt\TrueCrypt.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ba7cb1ee-197f-11de-b65b-0040cac7f8f4}]
\Shell\AutoRun\command - h:\truecrypt\TrueCrypt.exe /q background /e /m rm /v "Robert"
\Shell\dismount\command - h:\truecrypt\TrueCrypt.exe /q /d
\Shell\start\command - h:\truecrypt\TrueCrypt.exe
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
Notify-dimsntfy - (no file)
.
Zusätzlicher Suchlauf
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: Download all with Free Download Manager
IE: Download selected with Free Download Manager
IE: Download web site with Free Download Manager
IE: Download with Free Download Manager
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\dokumente und einstellungen\*******\Anwendungsdaten\Mozilla\Firefox\Profiles\iukxpqph.default\
FF - prefs.js: browser.search.selectedEngine - Scroogle en-UK
FF - prefs.js: browser.startup.homepage - hxxp://www.scroogle.org/cgi-bin/scraper.htm
FF - component: c:\programme\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-05 19:49
Windows 5.1.2600 Service Pack 2 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
.
Durch laufende Prozesse gestartete DLLs
- - - - - - - > 'explorer.exe'(3932)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Weitere laufende Prozesse
.
c:\programme\Avast Antivirus\Avast4\aswUpdSv.exe
c:\programme\Avast Antivirus\Avast4\ashServ.exe
c:\programme\FolderSize\FolderSizeSvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\MsPMSPSv.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-05-05 19:57 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-05-05 18:56
Vor Suchlauf: 25 Verzeichnis(se), 21,827,489,792 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 22,224,187,392 Bytes frei
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
152 --- E O F --- 2009-05-04 19:49Near a tree by a river, there's a hole in the ground.
Where an old man of Aran goes around and around....0 -
Thanks very much!0
-
Someone might want to edit out the full name at the start of the log, or not.Move along, nothing to see.0
-
Crikey
Id better brush up on my german
Ill browse the log later tonight:idea:0 -
Oooooops! edited out.Near a tree by a river, there's a hole in the ground.
Where an old man of Aran goes around and around....0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.4K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards