| StefanPT | 06.06.2013 09:30 |
So nun endlich gehts weiter, der Online scan hat mich etwas aufgehalten (12h) :kaffee:
eset log Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5e9465d040e214459e44465afc0bd8b8
# engine=14007
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-06 07:43:23
# local_time=2013-06-06 09:43:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 100 60111 235931493 52865 0
# compatibility_mode=5893 16776573 100 94 57572 122135794 0 0
# scanned=232010
# found=1
# cleaned=0
# scan_time=43903
sh=1F149B764335ADDCAB571FE8FD43B27757C76049 ft=0 fh=0000000000000000 vn="a variant of WMA/TrojanDownloader.GetCodec.gen trojan" ac=I fn="F:\Sicherung Tina\Hallo Sommer\koma lambada - best track ever.mp3"
security Check log - das ist bestimmt schiefgelaufen, oder sollte das rauskommen? Code:
UNSUPPORTED OPERATING SYSTEM! ABORTED!
OTL log Code:
OTL logfile created on: 06.06.2013 10:05:52 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stefan Roth\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 46,94% Memory free
3,50 Gb Paging File | 2,10 Gb Available in Paging File | 59,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 14,89 Gb Free Space | 24,82% Space Free | Partition Type: NTFS
Drive D: | 238,08 Gb Total Space | 141,00 Gb Free Space | 59,22% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 80,72 Gb Free Space | 27,08% Space Free | Partition Type: NTFS
Drive G: | 149,04 Gb Total Space | 95,59 Gb Free Space | 64,14% Space Free | Partition Type: NTFS
Computer Name: STEFANROTH-PC | User Name: Stefan Roth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Stefan Roth\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Users\Stefan Roth\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\ipmgui.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\14850aef08b8af036fd6f1e5b38a3719\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\Programme\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Programme\Microsoft Office\Office12\ADDINS\ColleagueImport.dll ()
MOD - C:\Programme\Adobe\Acrobat 8.0\PDFMaker\Common\AdobePDFMakerX.DEU ()
MOD - C:\Programme\Adobe\Acrobat 8.0\PDFMaker\Common\AdobePDFMakerX.dll ()
========== Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (catchme) -- C:\Users\STEFAN~1\AppData\Local\Temp\catchme.sys File not found
DRV - (CBUL32) -- C:\Windows\System32\drivers\CBUL32.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 05 EF EC 18 2D 20 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.27 12:14:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.27 12:14:38 | 000,000,000 | ---D | M]
[2012.06.21 20:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan Roth\AppData\Roaming\mozilla\Extensions
[2012.10.23 09:46:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan Roth\AppData\Roaming\mozilla\Firefox\Profiles\n46xgy0h.default\extensions
[2013.05.27 12:14:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.27 12:14:51 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - Startup: C:\Users\Stefan Roth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Stefan Roth\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54EB68A8-F786-4164-AB41-071FC0E5B6B9}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.05 21:28:45 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Stefan Roth\Desktop\esetsmartinstaller_enu.exe
[2013.06.05 17:39:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.05 17:39:00 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.05 17:30:50 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Stefan Roth\Desktop\JRT.exe
[2013.06.05 16:03:17 | 000,000,000 | ---D | C] -- C:\FRST
[2013.06.05 16:02:16 | 001,357,013 | ---- | C] (Farbar) -- C:\Users\Stefan Roth\Desktop\FRST.exe
[2013.06.05 14:50:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.05 14:50:43 | 000,000,000 | ---D | C] -- C:\Users\Stefan Roth\AppData\Local\temp
[2013.06.05 14:46:32 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.05 14:23:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.06.05 14:23:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.06.05 14:23:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.06.05 14:23:01 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.06.05 14:22:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.06.05 14:22:23 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.06.05 14:20:30 | 005,077,996 | R--- | C] (Swearware) -- C:\Users\Stefan Roth\Desktop\ComboFix.exe
[2013.06.05 10:57:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stefan Roth\Desktop\OTL.exe
[2013.06.03 17:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.03 17:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.03 17:36:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.03 17:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.06.03 17:30:18 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.05.27 12:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.16 19:45:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.16 19:45:11 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.16 19:45:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.05.16 19:45:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.05.16 19:45:08 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.16 19:45:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.05.16 19:45:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.05.16 19:37:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.05.16 15:48:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013.05.16 15:48:00 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.05.16 15:47:49 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.05.16 15:47:40 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013.05.16 15:47:39 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
========== Files - Modified Within 30 Days ==========
[2013.06.06 10:03:01 | 000,890,839 | ---- | M] () -- C:\Users\Stefan Roth\Desktop\SecurityCheck.exe
[2013.06.06 09:29:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.05 21:28:14 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Stefan Roth\Desktop\esetsmartinstaller_enu.exe
[2013.06.05 21:27:21 | 000,657,438 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.05 21:27:21 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.05 21:27:21 | 000,130,810 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.05 21:27:21 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.05 17:41:38 | 000,021,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.05 17:41:38 | 000,021,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.05 17:33:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.05 17:33:29 | 1408,688,128 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.05 17:30:31 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Stefan Roth\Desktop\JRT.exe
[2013.06.05 17:29:56 | 000,632,031 | ---- | M] () -- C:\Users\Stefan Roth\Desktop\adwcleaner.exe
[2013.06.05 16:00:28 | 001,357,013 | ---- | M] (Farbar) -- C:\Users\Stefan Roth\Desktop\FRST.exe
[2013.06.05 13:59:03 | 005,077,996 | R--- | M] (Swearware) -- C:\Users\Stefan Roth\Desktop\ComboFix.exe
[2013.06.05 10:56:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan Roth\Desktop\OTL.exe
[2013.05.17 15:53:04 | 001,794,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.16 16:29:14 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.05.16 16:29:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.08 15:05:57 | 001,767,105 | ---- | M] () -- C:\Users\Stefan Roth\Desktop\LBS_Kontoauszug2.jpg
[2013.05.08 15:05:23 | 003,116,186 | ---- | M] () -- C:\Users\Stefan Roth\Desktop\Wüstenrot_Kontoauszug.jpg
[2013.05.08 15:04:44 | 001,751,171 | ---- | M] () -- C:\Users\Stefan Roth\Desktop\LBS_Kontoauszug1.jpg
========== Files Created - No Company Name ==========
[2013.06.06 10:03:22 | 000,890,839 | ---- | C] () -- C:\Users\Stefan Roth\Desktop\SecurityCheck.exe
[2013.06.05 17:30:35 | 000,632,031 | ---- | C] () -- C:\Users\Stefan Roth\Desktop\adwcleaner.exe
[2013.06.05 14:23:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.06.05 14:23:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.06.05 14:23:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.06.05 14:23:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.06.05 14:23:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.08 15:05:56 | 001,767,105 | ---- | C] () -- C:\Users\Stefan Roth\Desktop\LBS_Kontoauszug2.jpg
[2013.05.08 15:05:22 | 003,116,186 | ---- | C] () -- C:\Users\Stefan Roth\Desktop\Wüstenrot_Kontoauszug.jpg
[2013.05.08 15:04:43 | 001,751,171 | ---- | C] () -- C:\Users\Stefan Roth\Desktop\LBS_Kontoauszug1.jpg
[2013.03.19 12:56:00 | 000,054,784 | ---- | C] () -- C:\Windows\System32\drivers\CBULWDM.sys
[2013.03.19 12:56:00 | 000,053,984 | ---- | C] () -- C:\Windows\System32\drivers\CBUL32.sys
[2012.11.02 15:08:13 | 000,038,435 | ---- | C] () -- C:\Users\Stefan Roth\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2012.11.01 15:55:00 | 000,001,024 | ---- | C] () -- C:\Users\Stefan Roth\.rnd
[2012.10.03 15:02:02 | 000,001,040 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2012.10.03 15:02:02 | 000,000,166 | ---- | C] () -- C:\Windows\brpcfx.ini
[2012.10.03 15:01:16 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08a.dat
[2012.10.03 15:01:13 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.10.03 15:01:13 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.10.03 15:00:35 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2012.10.03 15:00:35 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2012.10.03 15:00:35 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.09.28 14:56:28 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.07.14 10:51:57 | 000,007,680 | ---- | C] () -- C:\Users\Stefan Roth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.22 18:24:07 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2012.06.22 10:51:02 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Extra OTL log Code:
OTL Extras logfile created on: 06.06.2013 10:05:52 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stefan Roth\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 46,94% Memory free
3,50 Gb Paging File | 2,10 Gb Available in Paging File | 59,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 14,89 Gb Free Space | 24,82% Space Free | Partition Type: NTFS
Drive D: | 238,08 Gb Total Space | 141,00 Gb Free Space | 59,22% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 80,72 Gb Free Space | 27,08% Space Free | Partition Type: NTFS
Drive G: | 149,04 Gb Total Space | 95,59 Gb Free Space | 64,14% Space Free | Partition Type: NTFS
Computer Name: STEFANROTH-PC | User Name: Stefan Roth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19316D21-91FA-4578-B931-1CD269B0D8BA}" = rport=137 | protocol=17 | dir=out | app=system |
"{1D6F35E3-E6BE-46CE-8E00-15CF856697AD}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D15DAB5-328D-469B-AF41-D1EAEA64C1E3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3A01797D-9DB5-431E-801A-6E8245A53FFE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{43DB0817-6616-4502-A20F-3C4511C4F4FE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4AAD41E5-B619-40E4-A158-CBF8D8D474F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{56C4E0B4-C44E-4F53-9B00-90077097EF4C}" = lport=139 | protocol=6 | dir=in | app=system |
"{5B75D1BD-7CE7-4F7A-B973-C9E7A90722B0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6F5431CD-C70E-461C-85B5-0EBF0238D35E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{730AF2D7-8CDF-46FA-AA33-5B7017166A30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{752E0DA5-F9E0-4FD2-A194-7F865ADD7838}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{805872A9-A59D-4CC7-B363-5F81F35FC2C8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{825B2930-1E9E-4AE9-9510-16A69FBCAA31}" = lport=137 | protocol=17 | dir=in | app=system |
"{84ED2606-5850-41D3-A991-BC8E3C20CDB6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{97509E21-B80A-4F97-A43C-8D233C029C54}" = rport=139 | protocol=6 | dir=out | app=system |
"{AC01902F-9474-42AA-9687-8A0AD816A3F9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD0780A9-3544-472C-A1CD-C5D78E0BE4B8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B1B8B1FB-F2FA-48BD-9FCD-E3D46FF6FA2C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B8E366A3-DD70-4D17-B794-F8B518E7C601}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{C41D25CC-90AE-4442-9E3E-35ECDAEC683E}" = rport=138 | protocol=17 | dir=out | app=system |
"{D0A24DC4-92B9-4685-88E5-C34891857C7B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E9A18A10-43A2-4E1A-B490-D7BDB1E2CF9E}" = lport=445 | protocol=6 | dir=in | app=system |
"{F5AC668D-DF9E-430E-9951-00B0564F9E4A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F822A9F5-259F-4375-8C36-766532995F37}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0847FB67-1E9E-4691-ACB3-2554CC05E8F9}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{0DA9C514-8731-4A73-BB5F-5EAEE05424A1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{153CA06B-87C9-433F-B01D-4EB0C748ADEE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21362896-484F-4288-AA49-E6A1059CEFE3}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{31FF19EF-E923-481A-853D-9F2C43AC9CA8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{39D4B1FC-A059-4BCD-9F1F-1A952BE7CECB}" = protocol=6 | dir=in | app=c:\users\stefan roth\appdata\roaming\dropbox\bin\dropbox.exe |
"{3AD83F5F-C37C-43C5-905C-8F06CE56EBA9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4EB9FD71-24F8-4229-9E65-18F4837C63D9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{759EA5D3-EA92-4729-AFF4-C215251FC613}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{75CBA06C-E683-49EA-94D4-C89849534E37}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{891EE0AA-8085-49BE-B168-AAE2B5EC9B93}" = protocol=17 | dir=in | app=c:\users\stefan roth\appdata\roaming\dropbox\bin\dropbox.exe |
"{8EF53B52-2244-4402-90C7-FDD8B2698E4C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{96792FBC-08A4-4C02-9C8B-0182FA46FAC4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{99EA8F84-EF6F-4708-A60D-AB1109E2D588}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{A46DD562-3348-473B-BA8E-95A7F3F8ABB0}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{A7DD7160-BB6C-4AAC-9C10-3C6C3D072B70}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A9E71DBE-3A0F-4B09-A212-8E69CF6B1042}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{B4C27B8C-F1D7-424B-AA5E-DEAB3FE1F52C}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{BBCEA311-7A6B-4D4B-B583-3D240C192BD4}" = protocol=6 | dir=out | app=system |
"{BD249211-FFD8-4C44-87B7-F5484D165A8B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C001B5F1-829A-4432-80D7-5B405EA9976B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD6C1C0D-5965-472D-9F81-2A0D3BE926E4}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{CDCDB02E-4E49-4E44-B98E-CB80A22F3029}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CFA75803-B877-43EA-86E9-AD429A3E805C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D00874DD-3909-4E76-8268-4D622FBC255E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F079CD03-8282-4000-9930-80D1A3A43A13}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F4C9997C-2088-4FE0-AF21-CE26D6089584}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FAB822CA-B7F7-4350-9A26-8B79B719BCF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB9A90D7-A354-49D6-BBBB-7CB459AEF676}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FE45106A-3D58-432A-81A7-7E027E6A35EA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{131667E7-BEA7-4820-9E12-37D952F594F0}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{61512CC7-B2A8-4302-8B1C-B61D661AB0AE}D:\medo.check\medocheck.startup.exe" = protocol=6 | dir=in | app=d:\medo.check\medocheck.startup.exe |
"TCP Query User{A1AF15AC-D994-44EC-9E80-B87DA305EB51}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{CBF3D028-E20B-4201-A364-DDE9C34EB302}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{D0C5F31F-3D12-4B60-B172-A2662B40A70D}C:\mesics\winlactat40\updates\updater.exe" = protocol=6 | dir=in | app=c:\mesics\winlactat40\updates\updater.exe |
"TCP Query User{DDE10299-ACFA-46AF-B152-B904C10D32FE}C:\users\stefan roth\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\stefan roth\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{1CA98C6C-BCBE-49CF-BCBF-175800294877}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{26CA82F6-0CCF-4453-B724-B5CF35A318D9}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{47408275-B5AA-4E5F-9499-168279CA30B7}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{7EFAC2B0-574A-4D26-8E3A-76F8C11E4F8F}C:\mesics\winlactat40\updates\updater.exe" = protocol=17 | dir=in | app=c:\mesics\winlactat40\updates\updater.exe |
"UDP Query User{9CB69EAD-1EFA-4C32-BF9C-1903EE491F6F}C:\users\stefan roth\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\stefan roth\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{EC62B18D-E67C-4F4A-93F1-3D57DBADA6B8}D:\medo.check\medocheck.startup.exe" = protocol=17 | dir=in | app=d:\medo.check\medocheck.startup.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{20E970DF-A7B2-4345-9DEB-72213A29645E}" = Brother MFL-Pro Suite MFC-5890CN
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}" = VR-NetWorld
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{CDC5CB5F-07D4-4F0C-BA0D-CBAF7B712C7E}_is1" = winlactat 4.2.0.47
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F296739D-AF5C-4426-972A-0DC916D11031}" = Nero 8
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"Allway Sync_is1" = Allway Sync version 11.7.0
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"ElsterFormular 12.4.1.7699u" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.7.0.2
"IrfanView" = IrfanView (remove only)
"medo.check" = Name
"medo.check personal training & firmentfitness" = medo.check personal training & firmentfitness 2.9.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Visual J# 2.0 Redistributable Package - SE" = Microsoft Visual J# 2.0 Redistributable Package - SE
"Miranda IM" = Miranda IM 0.10.8
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"TeamViewer 8" = TeamViewer 8
"Video Converter Bundle by SweetPacks" = Video Converter Bundle by SweetPacks
"VLC media player" = VLC media player 2.0.3
"Winamp" = Winamp
"winlactat_is1" = winlactat 4.0.0.30
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ OSession Events ]
Error - 06.09.2012 07:17:30 | Computer Name = StefanRoth-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7314
seconds with 2520 seconds of active time. This session ended with a crash.
Error - 05.05.2013 08:13:22 | Computer Name = StefanRoth-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1040
seconds with 300 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 05.06.2013 11:46:33 | Computer Name = StefanRoth-PC | Source = DCOM | ID = 10010
Description =
Error - 05.06.2013 13:37:25 | Computer Name = StefanRoth-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
< End of report >
|
AdwCleaner auf deinen Desktop.
SecurityCheck und:
