
Log analysis and evaluation: Mailer-Daemon flood on GMX account


 
29.01.2013, 21:21   #5
LSkywalker
 



I promise to do better as far as the service packs are concerned ;-)

Here, first of all, is the OTL log:

Code:
OTL logfile created on: 29.01.2013 20:17:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = H:\Dokumente und Einstellungen\***\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 78,20% Memory free
4,84 Gb Paging File | 4,39 Gb Available in Paging File | 90,70% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Programme
Drive H: | 596,16 Gb Total Space | 396,31 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
 
Computer Name: DUALCOREPOWER | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - H:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
PRC - H:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - H:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - H:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - H:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
PRC - H:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
PRC - H:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - H:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - H:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - H:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - H:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - H:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - H:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - H:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - H:\WINDOWS\system32\CTXFIHLP.EXE (Creative Technology Ltd)
PRC - H:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
PRC - H:\WINDOWS\system32\CTXFISPI.EXE (Creative Technology Ltd)
PRC - H:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - H:\Programme\Alwil Software\Avast5\defs\13012901\algo.dll ()
MOD - H:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
MOD - H:\WINDOWS\system32\mkunicode.dll ()
MOD - H:\WINDOWS\system32\mmfinfo.dll ()
MOD - H:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
MOD - H:\WINDOWS\system32\sbe.dll ()
MOD - H:\WINDOWS\CTXFIGER.DLL ()
MOD - H:\Programme\WinRAR\RarExt.dll ()
MOD - H:\WINDOWS\system32\msdmo.dll ()
MOD - H:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU ()
 
 
========== Services (SafeList) ==========
 
SRV - (RichVideo) -- H:\Programme\CyberLink\Shared files\RichVideo.exe File not found
SRV - (MozillaMaintenance) -- H:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- H:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (C-DillaCdaC11BA) -- H:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (LightScribeService) -- H:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (FsUsbExService) -- H:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (AAV UpdateService) -- H:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (AVM WLAN Connection Service) -- H:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (ServiceLayer) -- H:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (odserv) -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IAANTMON) -- H:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (IDriverT) -- H:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (NVHDA) -- system32\drivers\nvhda32.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (PCTSD) -- H:\WINDOWS\system32\drivers\PCTSD.sys (PC Tools)
DRV - (aswSnx) -- H:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- H:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- H:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- H:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- H:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- H:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (PCTCore) -- H:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (tbhsd) -- H:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (pctEFA) -- H:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- H:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)
DRV - (CdaC15BA) -- H:\WINDOWS\system32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (FsUsbExDisk) -- H:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- H:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) -- H:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- H:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (FWLANUSB) -- H:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (AnyDVD) -- H:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (sscdmdm) -- H:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- H:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) -- H:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (ctaud2k) -- H:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- H:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ha20x2k) -- H:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- H:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctsfm2k) -- H:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (emupia) -- H:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- H:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (ctdvda2k) -- H:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109958&tt=280612_8_&babsrc=HP_ss&mntrId=0000000000000000000000040ec43314
IE - HKU\S-1-5-21-220523388-1035525444-725345543-1003\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-220523388-1035525444-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=109958&tt=280612_8_&babsrc=KW_ss&mntrId=0000000000000000000000040ec43314&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: H:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: H:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: H:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: H:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.10.14 21:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: H:\Programme\Alwil Software\Avast5\WebRep\FF [2012.12.01 18:23:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: H:\Programme\Mozilla Firefox\components [2013.01.21 07:28:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: H:\Programme\Mozilla Firefox\plugins [2013.01.21 07:28:12 | 000,000,000 | ---D | M]
 
[2010.06.20 10:27:35 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2012.06.30 13:31:12 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\pdfdbpb6.default\extensions
[2011.10.29 16:21:38 | 000,550,833 | ---- | M] () (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\pdfdbpb6.default\extensions\DivXWebPlayer@divx.com.xpi
[2013.01.21 07:28:11 | 000,000,000 | ---D | M] (No name found) -- H:\Programme\Mozilla Firefox\extensions
[2012.12.01 18:23:44 | 000,000,000 | ---D | M] (avast! WebRep) -- H:\PROGRAMME\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2013.01.21 07:28:17 | 000,262,552 | ---- | M] (Mozilla Foundation) -- H:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.30 08:36:16 | 000,001,392 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.30 10:19:54 | 000,002,352 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.09.08 19:01:08 | 000,002,465 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.30 08:36:16 | 000,001,153 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.30 08:36:16 | 000,006,805 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.30 08:36:16 | 000,001,178 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.30 08:36:16 | 000,001,105 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.10 13:00:00 | 000,000,820 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-220523388-1035525444-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Adobe ARM] H:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] H:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVMWlanClient] H:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [CTHelper] H:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] H:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [IAAnotif] H:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] H:\Programme\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrojanScanner] H:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [UIUCU] H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\UIUCU.EXE (Conexant Systems, Inc.)
O4 - HKLM..\Run: [UpdReg] H:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-220523388-1035525444-725345543-1003..\Run: [Spotify] H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-220523388-1035525444-725345543-1003..\Run: [Spotify Web Helper] H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = H:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = H:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://H:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8A4D14E-52DA-4096-B9EC-EA8A90A9753E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.29 20:17:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- H:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.01.28 21:34:41 | 000,000,000 | RH-D | C] -- H:\Dokumente und Einstellungen\***\Recent
[2013.01.26 20:01:00 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Desktop\MalwareRemover
[2013.01.26 19:58:51 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\PCTools
[2013.01.26 19:52:55 | 000,909,728 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\pctEFA.sys
[2013.01.26 19:52:55 | 000,342,168 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\pctDS.sys
[2013.01.26 19:52:53 | 000,368,616 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\PCTCore.sys
[2013.01.26 19:52:53 | 000,163,288 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2013.01.26 19:52:51 | 000,202,280 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\PCTSD.sys
[2013.01.26 19:52:51 | 000,000,000 | ---D | C] -- H:\Programme\Gemeinsame Dateien\PC Tools
[2013.01.26 19:51:49 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools
[2013.01.26 19:51:48 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\TestApp
[2013.01.26 18:37:06 | 000,000,000 | ---D | C] -- H:\TDSSKiller_Quarantine
[2013.01.26 18:03:05 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2013.01.26 18:02:49 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.01.26 18:02:48 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.01.26 18:02:47 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbam.sys
[2013.01.26 18:02:47 | 000,000,000 | ---D | C] -- H:\Programme\Malwarebytes' Anti-Malware
[2013.01.25 21:37:26 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos
[2013.01.25 21:37:21 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Startmenü\Programme\Sophos
[2013.01.25 21:37:11 | 000,000,000 | ---D | C] -- H:\Programme\Sophos
[2013.01.25 21:29:45 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Eigene Dateien\Simply Super Software
[2013.01.25 21:29:45 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software
[2013.01.25 21:29:36 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Trojan Remover
[2013.01.25 21:29:35 | 000,605,968 | ---- | C] (Igor Pavlov) -- H:\WINDOWS\System32\ztv7z.dll
[2013.01.25 21:29:35 | 000,077,072 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\ztvcabinet.dll
[2013.01.25 21:29:31 | 000,000,000 | ---D | C] -- H:\Programme\Trojan Remover
[2013.01.25 21:29:31 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software
[2013.01.21 07:28:10 | 000,000,000 | ---D | C] -- H:\Programme\Mozilla Firefox
[2013.01.04 16:07:20 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Rovio
[2013.01.04 16:07:03 | 000,000,000 | ---D | C] -- H:\Programme\Rovio
[2013.01.04 16:07:03 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Rovio
[2013.01.04 14:48:14 | 000,000,000 | ---D | C] -- H:\Rambo3
[7 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\Dokumente und Einstellungen\Luciano\Desktop\*.tmp files -> H:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.29 20:17:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- H:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.01.29 20:04:41 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2013.01.29 20:04:37 | 3219,046,400 | -HS- | M] () -- H:\hiberfil.sys
[2013.01.28 21:34:44 | 000,064,984 | ---- | M] () -- H:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2013.01.28 21:34:44 | 000,054,320 | ---- | M] () -- H:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2013.01.28 21:34:44 | 000,054,320 | ---- | M] () -- H:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2013.01.28 21:34:44 | 000,001,080 | ---- | M] () -- H:\WINDOWS\System32\settingsbkup.sfm
[2013.01.28 21:34:44 | 000,001,080 | ---- | M] () -- H:\WINDOWS\System32\settings.sfm
[2013.01.28 20:21:08 | 000,002,206 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2013.01.27 21:19:39 | 013,462,931 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\mbar-1.01.0.1016.zip
[2013.01.27 12:46:50 | 000,275,901 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\vergabeerlass-konsolidierte-fassung-2012-11.pdf
[2013.01.26 23:51:15 | 000,000,000 | ---- | M] () -- H:\Dokumente und Einstellungen\***\defogger_reenable
[2013.01.26 21:10:06 | 000,000,095 | ---- | M] () -- H:\WINDOWS\winamp.ini
[2013.01.26 19:52:59 | 000,496,381 | ---- | M] () -- H:\WINDOWS\System32\drivers\Cat.DB
[2013.01.26 18:24:53 | 000,000,282 | ---- | M] () -- H:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1035525444-725345543-1003.job
[2013.01.26 18:24:53 | 000,000,274 | ---- | M] () -- H:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1035525444-725345543-1003.job
[2013.01.26 18:22:24 | 000,221,696 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.26 17:32:36 | 000,000,040 | -HS- | M] () -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2013.01.23 07:48:48 | 000,271,360 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Eigene Dateien\Outlook.pst
[2013.01.21 16:03:58 | 000,053,972 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\Gmail - Termin bei Herrn Dr.pdf
[2013.01.20 11:43:40 | 000,001,934 | ---- | M] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Steuer-Spar- Erklärung 2013.lnk
[7 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> H:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.27 21:18:35 | 013,462,931 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\mbar-1.01.0.1016.zip
[2013.01.27 12:46:50 | 000,275,901 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\vergabeerlass-konsolidierte-fassung-2012-11.pdf
[2013.01.26 23:51:15 | 000,000,000 | ---- | C] () -- H:\Dokumente und Einstellungen\***\defogger_reenable
[2013.01.26 19:52:56 | 000,496,381 | ---- | C] () -- H:\WINDOWS\System32\drivers\Cat.DB
[2013.01.25 21:29:35 | 000,185,616 | ---- | C] () -- H:\WINDOWS\System32\ztvunrar39.dll
[2013.01.25 21:29:35 | 000,169,744 | ---- | C] () -- H:\WINDOWS\System32\ztvunrar36.dll
[2013.01.25 21:29:35 | 000,153,088 | ---- | C] () -- H:\WINDOWS\System32\UNRAR3.dll
[2013.01.25 21:29:35 | 000,077,312 | ---- | C] () -- H:\WINDOWS\System32\ztvunace26.dll
[2013.01.21 16:03:49 | 000,053,972 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\Gmail - Termin bei Herrn Dr.pdf
[2013.01.20 11:41:02 | 000,001,934 | ---- | C] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Steuer-Spar- Erklärung 2013.lnk
[2013.01.06 10:52:46 | 000,001,804 | ---- | C] () -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2012.05.18 23:36:32 | 000,130,672 | ---- | C] () -- H:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.02.08 03:46:54 | 000,039,880 | ---- | C] () -- H:\WINDOWS\System32\dischandler.exe
[2012.02.06 00:22:10 | 004,423,168 | ---- | C] () -- H:\WINDOWS\System32\ffmpeg.dll
[2012.01.28 20:11:16 | 000,172,032 | ---- | C] () -- H:\WINDOWS\System32\libbluray.dll
[2012.01.28 20:11:10 | 006,414,616 | ---- | C] () -- H:\WINDOWS\System32\avcodec-lav-53.dll
[2012.01.28 20:11:10 | 001,009,392 | ---- | C] () -- H:\WINDOWS\System32\avformat-lav-53.dll
[2012.01.28 20:11:10 | 000,360,729 | ---- | C] () -- H:\WINDOWS\System32\swscale-lav-2.dll
[2012.01.28 20:11:10 | 000,203,818 | ---- | C] () -- H:\WINDOWS\System32\avutil-lav-51.dll
[2012.01.28 20:11:10 | 000,138,774 | ---- | C] () -- H:\WINDOWS\System32\avfilter-lav-2.dll
[2012.01.28 00:54:44 | 000,079,360 | ---- | C] () -- H:\WINDOWS\System32\ff_vfw.dll
[2012.01.28 00:53:00 | 000,260,608 | ---- | C] () -- H:\WINDOWS\System32\TomsMoComp_ff.dll
[2012.01.28 00:52:46 | 000,158,720 | ---- | C] () -- H:\WINDOWS\System32\ff_unrar.dll
[2012.01.28 00:52:44 | 000,099,840 | ---- | C] () -- H:\WINDOWS\System32\ff_wmv9.dll
[2012.01.28 00:52:42 | 001,525,248 | ---- | C] () -- H:\WINDOWS\System32\ff_samplerate.dll
[2012.01.28 00:52:42 | 000,328,704 | ---- | C] () -- H:\WINDOWS\System32\ff_libfaad2.dll
[2012.01.28 00:52:42 | 000,146,944 | ---- | C] () -- H:\WINDOWS\System32\ff_libmad.dll
[2012.01.28 00:52:40 | 000,212,480 | ---- | C] () -- H:\WINDOWS\System32\ff_libdts.dll
[2012.01.28 00:52:40 | 000,115,200 | ---- | C] () -- H:\WINDOWS\System32\ff_liba52.dll
[2012.01.28 00:52:38 | 000,137,728 | ---- | C] () -- H:\WINDOWS\System32\libmpeg2_ff.dll
[2012.01.05 19:58:44 | 000,257,280 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb1.bin
[2012.01.05 19:58:44 | 000,257,280 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb0.bin
[2012.01.05 19:58:44 | 000,000,001 | ---- | C] () -- H:\WINDOWS\System32\nvdrssel.bin
[2012.01.05 19:46:44 | 002,294,198 | ---- | C] () -- H:\WINDOWS\System32\nvdata.bin
[2011.12.07 20:32:24 | 000,216,064 | ---- | C] ( ) -- H:\WINDOWS\System32\Lagarith.dll
[2011.09.08 15:00:52 | 000,150,528 | ---- | C] () -- H:\WINDOWS\System32\mkx.dll
[2011.09.08 15:00:48 | 000,142,336 | ---- | C] () -- H:\WINDOWS\System32\mp4.dll
[2011.09.08 15:00:42 | 000,123,392 | ---- | C] () -- H:\WINDOWS\System32\ogm.dll
[2011.09.08 15:00:38 | 000,249,856 | ---- | C] () -- H:\WINDOWS\System32\dxr.dll
[2011.09.08 15:00:34 | 000,113,152 | ---- | C] () -- H:\WINDOWS\System32\dsmux.exe
[2011.09.08 15:00:24 | 000,154,624 | ---- | C] () -- H:\WINDOWS\System32\ts.dll
[2011.09.08 15:00:10 | 000,137,728 | ---- | C] () -- H:\WINDOWS\System32\mkv2vfr.exe
[2011.09.08 15:00:06 | 000,358,400 | ---- | C] () -- H:\WINDOWS\System32\gdsmux.exe
[2011.09.08 14:59:54 | 000,080,384 | ---- | C] () -- H:\WINDOWS\System32\mkzlib.dll
[2011.08.14 14:27:25 | 000,000,040 | -HS- | C] () -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2011.05.30 14:42:50 | 000,240,640 | ---- | C] () -- H:\WINDOWS\System32\xvidvfw.dll
[2011.05.23 08:46:30 | 000,645,632 | ---- | C] () -- H:\WINDOWS\System32\xvidcore.dll
[2011.05.11 15:52:08 | 000,110,592 | ---- | C] () -- H:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.05.11 15:52:08 | 000,036,608 | ---- | C] () -- H:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.05.11 15:51:57 | 000,002,528 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2011.04.01 17:00:08 | 000,022,328 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\PnkBstrK.sys
[2011.03.03 12:39:56 | 000,109,568 | ---- | C] () -- H:\WINDOWS\System32\avi.dll
[2011.03.03 12:38:10 | 000,097,792 | ---- | C] () -- H:\WINDOWS\System32\avs.dll
[2011.03.03 12:37:50 | 000,093,184 | ---- | C] () -- H:\WINDOWS\System32\avss.dll
[2010.11.06 14:54:30 | 000,000,078 | ---- | C] () -- H:\Dokumente und Einstellungen\***\default.pls
[2010.06.24 22:11:23 | 000,221,696 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.20 00:31:54 | 000,000,140 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2010.06.20 00:08:00 | 000,000,227 | RHS- | M] () -- H:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006.03.30 10:27:18 | 001,495,040 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\fastprox.dll -- [2004.08.10 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.10 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> H:\WINDOWS:3E13E1F66C11EDA7
@Alternate Data Stream - 140 bytes -> H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:CB0AACC9
@Alternate Data Stream - 103 bytes -> H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:DFC5A2B2

< End of report >
         
and the OTL Extras log:

Code:
OTL Extras logfile created on: 29.01.2013 20:17:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = H:\Dokumente und Einstellungen\***\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 78,20% Memory free
4,84 Gb Paging File | 4,39 Gb Available in Paging File | 90,70% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Programme
Drive H: | 596,16 Gb Total Space | 396,31 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
 
Computer Name: DUALCOREPOWER | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- H:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "H:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "H:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "H:\Programme\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "H:\Programme\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "H:\Programme\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"H:\WINDOWS\system32\PnkBstrA.exe" = H:\WINDOWS\system32\PnkBstrA.exe:*:Disabled:PnkBstrA
"H:\WINDOWS\system32\PnkBstrB.exe" = H:\WINDOWS\system32\PnkBstrB.exe:*:Disabled:PnkBstrB
"H:\WINDOWS\system32\sessmgr.exe" = H:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"H:\Programme\Messenger\msmsgs.exe" = H:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger
"H:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = H:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"H:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = H:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"H:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = H:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
"H:\Programme\Atari\Test Drive Unlimited\TestDriveUnlimited.exe" = H:\Programme\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited
"H:\Programme\iTunes\iTunes.exe" = H:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)
"H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\spotify.exe" = H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"H:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = H:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"H:\Programme\Microsoft Office\Office12\GROOVE.EXE" = H:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"H:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = H:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"H:\WINDOWS\system32\dpnsvr.exe" = H:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8-Server -- (Microsoft Corporation)
"H:\WINDOWS\system32\dxdiag.exe" = H:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX-Diagnoseprogramm -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series" = Canon iP3500 series
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}" = Need for Speed™ ProStreet
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{370CA4B0-A1D8-4863-A3C5-6879AEE1663A}" = Angry Birds
"{3B30DCE4-E478-447F-BB90-F469DB134A51}" = PureSync
"{3BCDCC6A-3A47-4883-8A0C-55AC061316CB}" = Steuer-Spar-Erklärung Plus 2012
"{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{5058B085-AA79-41E5-A726-681B4C4B846E}" = ACDSee 5.0 PowerPack
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{35355EBA-4636-40B2-A995-FEB4CDBD92B3}" = 
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{BEFDE94E-B9FB-423A-85AE-F58BB56F3CFC}" = 
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}" = Intel® Viiv™ Software
"{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = PhotoStitch
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows-Treiberpaket - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Agfa ScanWise 2.00" = Agfa ScanWise 2.00
"AnyDVD" = AnyDVD
"Ashampoo WinOptimizer 2008" = Ashampoo WinOptimizer 2008
"avast" = avast! Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"CdaC13Ba" = SafeCast Shared Components
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes
"InstallShield_{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.5
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NeroVision!UninstallKey" = NeroVision Express 2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PRJPRO" = Microsoft Office Project Professional 2007
"PROSet" = Intel(R) PRO Network Connections Drivers
"PureSync" = PureSync 2.6.3
"RealPlayer 12.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TippKönigin_is1" = TippKönigin 5.5
"Trojan Remover_is1" = Trojan Remover 6.8.5
"VLC media player" = VLC media player 2.0.1
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR Archivierer
"WinZip" = WinZip
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.09.2011 15:35:06 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ehshell.exe, Version 5.1.2710.2732, fehlgeschlagenes
 Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
 
Error - 10.09.2011 15:46:19 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
 Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
 
Error - 24.09.2011 15:44:37 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
 Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
 
Error - 02.10.2011 14:57:31 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
 Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
 
Error - 22.10.2011 07:58:59 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung acrobat.exe, Version 6.0.0.878, fehlgeschlagenes
 Modul acrobat.exe, Version 6.0.0.878, Fehleradresse 0x0063b0e8.
 
Error - 22.10.2011 16:29:36 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
 Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
 
Error - 22.10.2011 16:30:57 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
 Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
 
Error - 05.11.2011 06:44:38 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung showtime.exe, Version 1.5.0.37, fehlgeschlagenes
 Modul ff_wmv9.dll, Version 0.0.0.0, Fehleradresse 0x0000561d.
 
Error - 06.11.2011 12:54:41 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung showtime.exe, Version 1.5.0.37, fehlgeschlagenes
 Modul neaudioconv.ax, Version 1.1.0.8, Fehleradresse 0x00001acc.
 
Error - 06.11.2011 12:56:20 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung showtime.exe, Version 1.5.0.37, fehlgeschlagenes
 Modul neaudioconv.ax, Version 1.1.0.8, Fehleradresse 0x00001acc.
 
[ OSession Events ]
Error - 07.10.2012 07:05:04 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session 
lasted 2864 seconds with 1740 seconds of active time.  This session ended with a
 crash.
 
Error - 13.01.2013 09:11:25 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 8321
 seconds with 3180 seconds of active time.  This session ended with a crash.
 
Error - 13.01.2013 09:19:53 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 410
 seconds with 360 seconds of active time.  This session ended with a crash.
 
Error - 21.01.2013 15:46:27 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 162
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 21.01.2013 15:55:37 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 370
 seconds with 240 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 26.01.2013 04:41:31 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 26.01.2013 12:29:56 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 26.01.2013 13:34:03 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 26.01.2013 14:33:30 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 26.01.2013 16:44:19 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 26.01.2013 18:32:36 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 27.01.2013 06:13:25 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 27.01.2013 06:31:37 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 28.01.2013 15:22:34 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 29.01.2013 15:06:10 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
 
< End of report >
         
The error message in the mailer-daemon mail listed the IP 36.237.230.236... and further up there was a note: "IP adress is black listed". Could the problem therefore also lie outside my PC? Thanks again for your efforts!


 
