LSkywalker | 29.01.2013 21:21 | Ich gelobe Besserung, was die Service-Packs angeht ;-)
Hier zunächst mal das OTL-Log: Code:
OTL logfile created on: 29.01.2013 20:17:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = H:\Dokumente und Einstellungen\***\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 78,20% Memory free
4,84 Gb Paging File | 4,39 Gb Available in Paging File | 90,70% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Programme
Drive H: | 596,16 Gb Total Space | 396,31 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
Computer Name: DUALCOREPOWER | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - H:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
PRC - H:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - H:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - H:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - H:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
PRC - H:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
PRC - H:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - H:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - H:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - H:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - H:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - H:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - H:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - H:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - H:\WINDOWS\system32\CTXFIHLP.EXE (Creative Technology Ltd)
PRC - H:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
PRC - H:\WINDOWS\system32\CTXFISPI.EXE (Creative Technology Ltd)
PRC - H:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - H:\Programme\Alwil Software\Avast5\defs\13012901\algo.dll ()
MOD - H:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
MOD - H:\WINDOWS\system32\mkunicode.dll ()
MOD - H:\WINDOWS\system32\mmfinfo.dll ()
MOD - H:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
MOD - H:\WINDOWS\system32\sbe.dll ()
MOD - H:\WINDOWS\CTXFIGER.DLL ()
MOD - H:\Programme\WinRAR\RarExt.dll ()
MOD - H:\WINDOWS\system32\msdmo.dll ()
MOD - H:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU ()
========== Services (SafeList) ==========
SRV - (RichVideo) -- H:\Programme\CyberLink\Shared files\RichVideo.exe File not found
SRV - (MozillaMaintenance) -- H:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- H:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (C-DillaCdaC11BA) -- H:\WINDOWS\system32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (LightScribeService) -- H:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (FsUsbExService) -- H:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (AAV UpdateService) -- H:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (AVM WLAN Connection Service) -- H:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (ServiceLayer) -- H:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (odserv) -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IAANTMON) -- H:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (IDriverT) -- H:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (NVHDA) -- system32\drivers\nvhda32.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (PCTSD) -- H:\WINDOWS\system32\drivers\PCTSD.sys (PC Tools)
DRV - (aswSnx) -- H:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- H:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- H:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- H:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- H:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- H:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- H:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (PCTCore) -- H:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (tbhsd) -- H:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (pctEFA) -- H:\WINDOWS\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- H:\WINDOWS\system32\drivers\pctDS.sys (PC Tools)
DRV - (CdaC15BA) -- H:\WINDOWS\system32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (FsUsbExDisk) -- H:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- H:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) -- H:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- H:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (FWLANUSB) -- H:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (AnyDVD) -- H:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (sscdmdm) -- H:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- H:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) -- H:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (ctaud2k) -- H:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- H:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ha20x2k) -- H:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- H:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctsfm2k) -- H:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (emupia) -- H:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- H:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (ctdvda2k) -- H:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109958&tt=280612_8_&babsrc=HP_ss&mntrId=0000000000000000000000040ec43314
IE - HKU\S-1-5-21-220523388-1035525444-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-220523388-1035525444-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=109958&tt=280612_8_&babsrc=KW_ss&mntrId=0000000000000000000000040ec43314&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: H:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: H:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: H:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: H:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.10.14 21:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: H:\Programme\Alwil Software\Avast5\WebRep\FF [2012.12.01 18:23:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: H:\Programme\Mozilla Firefox\components [2013.01.21 07:28:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: H:\Programme\Mozilla Firefox\plugins [2013.01.21 07:28:12 | 000,000,000 | ---D | M]
[2010.06.20 10:27:35 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2012.06.30 13:31:12 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\pdfdbpb6.default\extensions
[2011.10.29 16:21:38 | 000,550,833 | ---- | M] () (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\pdfdbpb6.default\extensions\DivXWebPlayer@divx.com.xpi
[2013.01.21 07:28:11 | 000,000,000 | ---D | M] (No name found) -- H:\Programme\Mozilla Firefox\extensions
[2012.12.01 18:23:44 | 000,000,000 | ---D | M] (avast! WebRep) -- H:\PROGRAMME\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2013.01.21 07:28:17 | 000,262,552 | ---- | M] (Mozilla Foundation) -- H:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.30 08:36:16 | 000,001,392 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.30 10:19:54 | 000,002,352 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.09.08 19:01:08 | 000,002,465 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.30 08:36:16 | 000,001,153 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.30 08:36:16 | 000,006,805 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.30 08:36:16 | 000,001,178 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.30 08:36:16 | 000,001,105 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.10 13:00:00 | 000,000,820 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-220523388-1035525444-725345543-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Adobe ARM] H:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] H:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVMWlanClient] H:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [CTHelper] H:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] H:\WINDOWS\System32\CTXFIHLP.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [IAAnotif] H:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] H:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] H:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] H:\Programme\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrojanScanner] H:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [UIUCU] H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\UIUCU.EXE (Conexant Systems, Inc.)
O4 - HKLM..\Run: [UpdReg] H:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-220523388-1035525444-725345543-1003..\Run: [Spotify] H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-220523388-1035525444-725345543-1003..\Run: [Spotify Web Helper] H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = H:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = H:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://H:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Programme\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8A4D14E-52DA-4096-B9EC-EA8A90A9753E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.29 20:17:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- H:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.01.28 21:34:41 | 000,000,000 | RH-D | C] -- H:\Dokumente und Einstellungen\***\Recent
[2013.01.26 20:01:00 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Desktop\MalwareRemover
[2013.01.26 19:58:51 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\PCTools
[2013.01.26 19:52:55 | 000,909,728 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\pctEFA.sys
[2013.01.26 19:52:55 | 000,342,168 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\pctDS.sys
[2013.01.26 19:52:53 | 000,368,616 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\PCTCore.sys
[2013.01.26 19:52:53 | 000,163,288 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2013.01.26 19:52:51 | 000,202,280 | ---- | C] (PC Tools) -- H:\WINDOWS\System32\drivers\PCTSD.sys
[2013.01.26 19:52:51 | 000,000,000 | ---D | C] -- H:\Programme\Gemeinsame Dateien\PC Tools
[2013.01.26 19:51:49 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools
[2013.01.26 19:51:48 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\TestApp
[2013.01.26 18:37:06 | 000,000,000 | ---D | C] -- H:\TDSSKiller_Quarantine
[2013.01.26 18:03:05 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2013.01.26 18:02:49 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.01.26 18:02:48 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.01.26 18:02:47 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbam.sys
[2013.01.26 18:02:47 | 000,000,000 | ---D | C] -- H:\Programme\Malwarebytes' Anti-Malware
[2013.01.25 21:37:26 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sophos
[2013.01.25 21:37:21 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Startmenü\Programme\Sophos
[2013.01.25 21:37:11 | 000,000,000 | ---D | C] -- H:\Programme\Sophos
[2013.01.25 21:29:45 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Eigene Dateien\Simply Super Software
[2013.01.25 21:29:45 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Simply Super Software
[2013.01.25 21:29:36 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Trojan Remover
[2013.01.25 21:29:35 | 000,605,968 | ---- | C] (Igor Pavlov) -- H:\WINDOWS\System32\ztv7z.dll
[2013.01.25 21:29:35 | 000,077,072 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\ztvcabinet.dll
[2013.01.25 21:29:31 | 000,000,000 | ---D | C] -- H:\Programme\Trojan Remover
[2013.01.25 21:29:31 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software
[2013.01.21 07:28:10 | 000,000,000 | ---D | C] -- H:\Programme\Mozilla Firefox
[2013.01.04 16:07:20 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Rovio
[2013.01.04 16:07:03 | 000,000,000 | ---D | C] -- H:\Programme\Rovio
[2013.01.04 16:07:03 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Rovio
[2013.01.04 14:48:14 | 000,000,000 | ---D | C] -- H:\Rambo3
[7 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\Dokumente und Einstellungen\Luciano\Desktop\*.tmp files -> H:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.29 20:17:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- H:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.01.29 20:04:41 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2013.01.29 20:04:37 | 3219,046,400 | -HS- | M] () -- H:\hiberfil.sys
[2013.01.28 21:34:44 | 000,064,984 | ---- | M] () -- H:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2013.01.28 21:34:44 | 000,054,320 | ---- | M] () -- H:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2013.01.28 21:34:44 | 000,054,320 | ---- | M] () -- H:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2013.01.28 21:34:44 | 000,001,080 | ---- | M] () -- H:\WINDOWS\System32\settingsbkup.sfm
[2013.01.28 21:34:44 | 000,001,080 | ---- | M] () -- H:\WINDOWS\System32\settings.sfm
[2013.01.28 20:21:08 | 000,002,206 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2013.01.27 21:19:39 | 013,462,931 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\mbar-1.01.0.1016.zip
[2013.01.27 12:46:50 | 000,275,901 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\vergabeerlass-konsolidierte-fassung-2012-11.pdf
[2013.01.26 23:51:15 | 000,000,000 | ---- | M] () -- H:\Dokumente und Einstellungen\***\defogger_reenable
[2013.01.26 21:10:06 | 000,000,095 | ---- | M] () -- H:\WINDOWS\winamp.ini
[2013.01.26 19:52:59 | 000,496,381 | ---- | M] () -- H:\WINDOWS\System32\drivers\Cat.DB
[2013.01.26 18:24:53 | 000,000,282 | ---- | M] () -- H:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1035525444-725345543-1003.job
[2013.01.26 18:24:53 | 000,000,274 | ---- | M] () -- H:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1035525444-725345543-1003.job
[2013.01.26 18:22:24 | 000,221,696 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.26 17:32:36 | 000,000,040 | -HS- | M] () -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2013.01.23 07:48:48 | 000,271,360 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Eigene Dateien\Outlook.pst
[2013.01.21 16:03:58 | 000,053,972 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\Gmail - Termin bei Herrn Dr.pdf
[2013.01.20 11:43:40 | 000,001,934 | ---- | M] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Steuer-Spar- Erklärung 2013.lnk
[7 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> H:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.27 21:18:35 | 013,462,931 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\mbar-1.01.0.1016.zip
[2013.01.27 12:46:50 | 000,275,901 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\vergabeerlass-konsolidierte-fassung-2012-11.pdf
[2013.01.26 23:51:15 | 000,000,000 | ---- | C] () -- H:\Dokumente und Einstellungen\***\defogger_reenable
[2013.01.26 19:52:56 | 000,496,381 | ---- | C] () -- H:\WINDOWS\System32\drivers\Cat.DB
[2013.01.25 21:29:35 | 000,185,616 | ---- | C] () -- H:\WINDOWS\System32\ztvunrar39.dll
[2013.01.25 21:29:35 | 000,169,744 | ---- | C] () -- H:\WINDOWS\System32\ztvunrar36.dll
[2013.01.25 21:29:35 | 000,153,088 | ---- | C] () -- H:\WINDOWS\System32\UNRAR3.dll
[2013.01.25 21:29:35 | 000,077,312 | ---- | C] () -- H:\WINDOWS\System32\ztvunace26.dll
[2013.01.21 16:03:49 | 000,053,972 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\Gmail - Termin bei Herrn Dr.pdf
[2013.01.20 11:41:02 | 000,001,934 | ---- | C] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Steuer-Spar- Erklärung 2013.lnk
[2013.01.06 10:52:46 | 000,001,804 | ---- | C] () -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2012.05.18 23:36:32 | 000,130,672 | ---- | C] () -- H:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.02.08 03:46:54 | 000,039,880 | ---- | C] () -- H:\WINDOWS\System32\dischandler.exe
[2012.02.06 00:22:10 | 004,423,168 | ---- | C] () -- H:\WINDOWS\System32\ffmpeg.dll
[2012.01.28 20:11:16 | 000,172,032 | ---- | C] () -- H:\WINDOWS\System32\libbluray.dll
[2012.01.28 20:11:10 | 006,414,616 | ---- | C] () -- H:\WINDOWS\System32\avcodec-lav-53.dll
[2012.01.28 20:11:10 | 001,009,392 | ---- | C] () -- H:\WINDOWS\System32\avformat-lav-53.dll
[2012.01.28 20:11:10 | 000,360,729 | ---- | C] () -- H:\WINDOWS\System32\swscale-lav-2.dll
[2012.01.28 20:11:10 | 000,203,818 | ---- | C] () -- H:\WINDOWS\System32\avutil-lav-51.dll
[2012.01.28 20:11:10 | 000,138,774 | ---- | C] () -- H:\WINDOWS\System32\avfilter-lav-2.dll
[2012.01.28 00:54:44 | 000,079,360 | ---- | C] () -- H:\WINDOWS\System32\ff_vfw.dll
[2012.01.28 00:53:00 | 000,260,608 | ---- | C] () -- H:\WINDOWS\System32\TomsMoComp_ff.dll
[2012.01.28 00:52:46 | 000,158,720 | ---- | C] () -- H:\WINDOWS\System32\ff_unrar.dll
[2012.01.28 00:52:44 | 000,099,840 | ---- | C] () -- H:\WINDOWS\System32\ff_wmv9.dll
[2012.01.28 00:52:42 | 001,525,248 | ---- | C] () -- H:\WINDOWS\System32\ff_samplerate.dll
[2012.01.28 00:52:42 | 000,328,704 | ---- | C] () -- H:\WINDOWS\System32\ff_libfaad2.dll
[2012.01.28 00:52:42 | 000,146,944 | ---- | C] () -- H:\WINDOWS\System32\ff_libmad.dll
[2012.01.28 00:52:40 | 000,212,480 | ---- | C] () -- H:\WINDOWS\System32\ff_libdts.dll
[2012.01.28 00:52:40 | 000,115,200 | ---- | C] () -- H:\WINDOWS\System32\ff_liba52.dll
[2012.01.28 00:52:38 | 000,137,728 | ---- | C] () -- H:\WINDOWS\System32\libmpeg2_ff.dll
[2012.01.05 19:58:44 | 000,257,280 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb1.bin
[2012.01.05 19:58:44 | 000,257,280 | ---- | C] () -- H:\WINDOWS\System32\nvdrsdb0.bin
[2012.01.05 19:58:44 | 000,000,001 | ---- | C] () -- H:\WINDOWS\System32\nvdrssel.bin
[2012.01.05 19:46:44 | 002,294,198 | ---- | C] () -- H:\WINDOWS\System32\nvdata.bin
[2011.12.07 20:32:24 | 000,216,064 | ---- | C] ( ) -- H:\WINDOWS\System32\Lagarith.dll
[2011.09.08 15:00:52 | 000,150,528 | ---- | C] () -- H:\WINDOWS\System32\mkx.dll
[2011.09.08 15:00:48 | 000,142,336 | ---- | C] () -- H:\WINDOWS\System32\mp4.dll
[2011.09.08 15:00:42 | 000,123,392 | ---- | C] () -- H:\WINDOWS\System32\ogm.dll
[2011.09.08 15:00:38 | 000,249,856 | ---- | C] () -- H:\WINDOWS\System32\dxr.dll
[2011.09.08 15:00:34 | 000,113,152 | ---- | C] () -- H:\WINDOWS\System32\dsmux.exe
[2011.09.08 15:00:24 | 000,154,624 | ---- | C] () -- H:\WINDOWS\System32\ts.dll
[2011.09.08 15:00:10 | 000,137,728 | ---- | C] () -- H:\WINDOWS\System32\mkv2vfr.exe
[2011.09.08 15:00:06 | 000,358,400 | ---- | C] () -- H:\WINDOWS\System32\gdsmux.exe
[2011.09.08 14:59:54 | 000,080,384 | ---- | C] () -- H:\WINDOWS\System32\mkzlib.dll
[2011.08.14 14:27:25 | 000,000,040 | -HS- | C] () -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2011.05.30 14:42:50 | 000,240,640 | ---- | C] () -- H:\WINDOWS\System32\xvidvfw.dll
[2011.05.23 08:46:30 | 000,645,632 | ---- | C] () -- H:\WINDOWS\System32\xvidcore.dll
[2011.05.11 15:52:08 | 000,110,592 | ---- | C] () -- H:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.05.11 15:52:08 | 000,036,608 | ---- | C] () -- H:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.05.11 15:51:57 | 000,002,528 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2011.04.01 17:00:08 | 000,022,328 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\PnkBstrK.sys
[2011.03.03 12:39:56 | 000,109,568 | ---- | C] () -- H:\WINDOWS\System32\avi.dll
[2011.03.03 12:38:10 | 000,097,792 | ---- | C] () -- H:\WINDOWS\System32\avs.dll
[2011.03.03 12:37:50 | 000,093,184 | ---- | C] () -- H:\WINDOWS\System32\avss.dll
[2010.11.06 14:54:30 | 000,000,078 | ---- | C] () -- H:\Dokumente und Einstellungen\***\default.pls
[2010.06.24 22:11:23 | 000,221,696 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.20 00:31:54 | 000,000,140 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2010.06.20 00:08:00 | 000,000,227 | RHS- | M] () -- H:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006.03.30 10:27:18 | 001,495,040 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\fastprox.dll -- [2004.08.10 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.10 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> H:\WINDOWS:3E13E1F66C11EDA7
@Alternate Data Stream - 140 bytes -> H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:CB0AACC9
@Alternate Data Stream - 103 bytes -> H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:DFC5A2B2
< End of report > und das OTL-Extras-Log: Code:
OTL Extras logfile created on: 29.01.2013 20:17:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = H:\Dokumente und Einstellungen\***\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 78,20% Memory free
4,84 Gb Paging File | 4,39 Gb Available in Paging File | 90,70% Paging File free
Paging file location(s): H:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Programme
Drive H: | 596,16 Gb Total Space | 396,31 Gb Free Space | 66,48% Space Free | Partition Type: NTFS
Computer Name: DUALCOREPOWER | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- H:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "H:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "H:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "H:\Programme\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "H:\Programme\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "H:\Programme\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"H:\WINDOWS\system32\PnkBstrA.exe" = H:\WINDOWS\system32\PnkBstrA.exe:*:Disabled:PnkBstrA
"H:\WINDOWS\system32\PnkBstrB.exe" = H:\WINDOWS\system32\PnkBstrB.exe:*:Disabled:PnkBstrB
"H:\WINDOWS\system32\sessmgr.exe" = H:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"H:\Programme\Messenger\msmsgs.exe" = H:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger
"H:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = H:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"H:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = H:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"H:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe" = H:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
"H:\Programme\Atari\Test Drive Unlimited\TestDriveUnlimited.exe" = H:\Programme\Atari\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited
"H:\Programme\iTunes\iTunes.exe" = H:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)
"H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\spotify.exe" = H:\Dokumente und Einstellungen\***\Anwendungsdaten\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"H:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = H:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"H:\Programme\Microsoft Office\Office12\GROOVE.EXE" = H:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"H:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = H:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"H:\WINDOWS\system32\dpnsvr.exe" = H:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8-Server -- (Microsoft Corporation)
"H:\WINDOWS\system32\dxdiag.exe" = H:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX-Diagnoseprogramm -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3500_series" = Canon iP3500 series
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}" = Need for Speed™ ProStreet
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{370CA4B0-A1D8-4863-A3C5-6879AEE1663A}" = Angry Birds
"{3B30DCE4-E478-447F-BB90-F469DB134A51}" = PureSync
"{3BCDCC6A-3A47-4883-8A0C-55AC061316CB}" = Steuer-Spar-Erklärung Plus 2012
"{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{5058B085-AA79-41E5-A726-681B4C4B846E}" = ACDSee 5.0 PowerPack
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{35355EBA-4636-40B2-A995-FEB4CDBD92B3}" =
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{BEFDE94E-B9FB-423A-85AE-F58BB56F3CFC}" =
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}" = Intel® Viiv™ Software
"{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = PhotoStitch
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Agfa ScanWise 2.00" = Agfa ScanWise 2.00
"AnyDVD" = AnyDVD
"Ashampoo WinOptimizer 2008" = Ashampoo WinOptimizer 2008
"avast" = avast! Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"CdaC13Ba" = SafeCast Shared Components
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{3CB41017-F5CA-4C56-934C-ED02156251E6}" = iTunes
"InstallShield_{F11A403B-0DE9-4953-B790-7A2F014FBB2B}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Media Player - Codec Pack" = Media Player Codec Pack 4.1.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NeroVision!UninstallKey" = NeroVision Express 2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PRJPRO" = Microsoft Office Project Professional 2007
"PROSet" = Intel(R) PRO Network Connections Drivers
"PureSync" = PureSync 2.6.3
"RealPlayer 12.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TippKönigin_is1" = TippKönigin 5.5
"Trojan Remover_is1" = Trojan Remover 6.8.5
"VLC media player" = VLC media player 2.0.1
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR Archivierer
"WinZip" = WinZip
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-220523388-1035525444-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.09.2011 15:35:06 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ehshell.exe, Version 5.1.2710.2732, fehlgeschlagenes
Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
Error - 10.09.2011 15:46:19 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
Error - 24.09.2011 15:44:37 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
Error - 02.10.2011 14:57:31 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
Error - 22.10.2011 07:58:59 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung acrobat.exe, Version 6.0.0.878, fehlgeschlagenes
Modul acrobat.exe, Version 6.0.0.878, Fehleradresse 0x0063b0e8.
Error - 22.10.2011 16:29:36 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
Error - 22.10.2011 16:30:57 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmplayer.exe, Version 10.0.0.3646, fehlgeschlagenes
Modul nvcpl.dll, Version 6.14.11.9045, Fehleradresse 0x0003acc4.
Error - 05.11.2011 06:44:38 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung showtime.exe, Version 1.5.0.37, fehlgeschlagenes
Modul ff_wmv9.dll, Version 0.0.0.0, Fehleradresse 0x0000561d.
Error - 06.11.2011 12:54:41 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung showtime.exe, Version 1.5.0.37, fehlgeschlagenes
Modul neaudioconv.ax, Version 1.1.0.8, Fehleradresse 0x00001acc.
Error - 06.11.2011 12:56:20 | Computer Name = DUALCOREPOWER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung showtime.exe, Version 1.5.0.37, fehlgeschlagenes
Modul neaudioconv.ax, Version 1.1.0.8, Fehleradresse 0x00001acc.
[ OSession Events ]
Error - 07.10.2012 07:05:04 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session
lasted 2864 seconds with 1740 seconds of active time. This session ended with a
crash.
Error - 13.01.2013 09:11:25 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 8321
seconds with 3180 seconds of active time. This session ended with a crash.
Error - 13.01.2013 09:19:53 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 410
seconds with 360 seconds of active time. This session ended with a crash.
Error - 21.01.2013 15:46:27 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 162
seconds with 60 seconds of active time. This session ended with a crash.
Error - 21.01.2013 15:55:37 | Computer Name = DUALCOREPOWER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6021.5000. This session lasted 370
seconds with 240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 26.01.2013 04:41:31 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 26.01.2013 12:29:56 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 26.01.2013 13:34:03 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 26.01.2013 14:33:30 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 26.01.2013 16:44:19 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 26.01.2013 18:32:36 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 27.01.2013 06:13:25 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 27.01.2013 06:31:37 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 28.01.2013 15:22:34 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 29.01.2013 15:06:10 | Computer Name = DUALCOREPOWER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
< End of report > In der Fehlermeldung der Mailer-Daemon-Mail war die IP 36.237.230.236 vermerkt... und weiter oben ein Hinweis: "IP adress is black listed". Kann sich das Problem daher auch außerhalb meines PC's befinden? Vielen Dank nochmal für Eure Bemühungen! |