| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.04.2011, 23:02
| #1 |
 |  Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. Servus, seit einiger Zeit häufen sich auf meinem Laptop merkwürdige Ereignisse. Zwichendurch kommt die Meldung das ich einen kompilierungsfehler in Microsoft JScript habe (nach dem hochfahren bevor ich einen browser geöffnet habe) und jüngst lässt sich TinyUmbrella nicht starten. Ein Lösungsversuch dazu sollte sein das man es doch mal mit einem alternativen benutzer-Account versuchen könnte. Gesagt getan, Anderer Account Erstellt und ich bekam beim Anmelden die Meldung "Die Anmeldung des Dienstes "Benutzerprofildienst" ist fehlgeschlagen. " Ich werde wieder abgemeldet und zur Konten-Auswahl geführt. Davon abgesehen kann ich ein paar Windows Updates (KB982726, KB2289078, KB2289161, KB22012188, KB2494150, KB2467175, KB2467173, KB2467174) nicht installieren und iTunes findet keine Verbindung zum Update-Server. Als AV-Programm habe ich das eigensinnige Norton 360 4.0. Eine erste Automatische HJT-Log-Auswertung hat leider nichts sonderlich auffälliges zutage gebracht, aber trotzdem vermute ich das da ein Programm sein unwesen treibt das da so nicht sein sollte... |
|
16.04.2011, 14:21
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. Hallo und
__________________ Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
19.04.2011, 21:39
| #3 |
| | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. In Skype lassen sich keine Kontakte hinzufügen weil ich keine Verbindung zum INternet habe, mit anderen teln, schreiben usw. kann ich trotzdem. Ich kann von Steam aus keine Steam-Updates lesen und über Steam nicht die Community anzeigen, ich habe keine Verbindung ins Netz. Mit anderen schreiben und Spielen geht immernoch.
__________________Nochwas: Letztens hat explorer.exe merkwürdigerweise eine 80%ige Auslastung gehabt obwohl nichtmals ein Kopiervorgang oder sonst irgendwas lief. Ausserdem ist mein Internet manchmal selbst für meine verhältnisse langsam und bleibt gerne mal konstant unter 5 - 10 kb/s. Sobald ich dem Laptop das Lan-Kabel ziehe wird das restliche Internet wieder "normal". Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6399
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
19.04.2011 22:20:36
mbam-log-2011-04-19 (22-20-36).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 590500
Laufzeit: 2 Stunde(n), 14 Minute(n), 39 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\program files (x86)\beat hazard\uninstall.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
Code:
ATTFilter OTL logfile created on: 19.04.2011 22:24:06 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Megalomon\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 28,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 58,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285,13 Gb Total Space | 60,04 Gb Free Space | 21,06% Space Free | Partition Type: NTFS Drive D: | 12,76 Gb Total Space | 2,18 Gb Free Space | 17,08% Space Free | Partition Type: NTFS Drive E: | 4,15 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 2,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: OSEL | User Name: Megalomon | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Megalomon\Desktop\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\Norton\NUA.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\Luxand\Blink!\LuxandBlinkTray.exe (Luxand, Inc.) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccsvchst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Windows\SysWOW64\SatSrv.exe () PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) ========== Modules (SafeList) ========== MOD - C:\Users\Megalomon\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (NetBalancer Windows Service) -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe (Microsoft) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation) SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Desura Install Service) -- C:\Program Files (x86)\Desura\desura_service.exe (Desura Pty Ltd) SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (DokanMounter) -- C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe () SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (DBService) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) SRV - (WindowBlinds) -- C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe (Stardock Corporation) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (SatSrv) -- C:\Windows\SysWow64\\SatSrv.exe () SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (TryAndDecideService) -- C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe () SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (PortReporter) -- C:\Program Files (x86)\PortReporter\PortReporter.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis) DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\drivers\tifsfilt.sys (Acronis) DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis) DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation) DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation) DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (Dokan) -- C:\Windows\SysNative\drivers\dokan.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (Nbdrv) -- C:\Windows\SysNative\drivers\nbdrv.sys (SeriousBit) DRV:64bit: - (SCL01164) -- C:\Windows\SysNative\drivers\SCL01164.sys (SCM Microsystems Inc.) DRV:64bit: - (SYMTDIv) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys (Symantec Corporation) DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys (Symantec Corporation) DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys (Symantec Corporation) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys (Symantec Corporation) DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH) DRV:64bit: - (NETw5s64) Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys (Symantec Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (NETw1v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw1v64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.) DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation ) DRV:64bit: - (vcd10bus) -- C:\Windows\SysNative\drivers\vcd10bus.sys (H+H Software GmbH) DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110415.001\BHDrvx64.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110419.003\EX64.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20110419.003\ENG64.SYS (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110419.001\IDSviA64.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (LWMouCon) -- C:\Windows\SysWow64\drivers\lwmoucon.ram () DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT/4 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:4179 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0 FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1 FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0 FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9 FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1 FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010.11.08 15:58:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010.11.06 21:47:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.04.13 05:53:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.24 17:43:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.24 17:43:05 | 000,000,000 | ---D | M] [2010.12.01 22:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Extensions [2010.12.01 22:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Extensions\celtx@celtx.com [2011.04.08 21:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions [2011.03.12 23:55:39 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011.03.12 23:55:39 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2010.11.06 18:03:15 | 000,000,000 | ---D | M] (GodofWar) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\{3A9F26B5-7451-4922-9E2F-CD83E7F454EF} [2010.12.04 21:42:15 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2010.11.18 19:27:03 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2011.03.12 23:55:39 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2011.02.20 10:37:10 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2011.03.12 23:55:39 | 000,000,000 | ---D | M] (Autofill Forms) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\autofillForms@blueimp.net [2010.12.17 21:36:18 | 000,000,000 | ---D | M] (OWOK) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\chipcard_plugin_20@siz.de [2011.03.12 23:55:38 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\elemhidehelper@adblockplus.org [2010.11.16 13:10:28 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Megalomon\AppData\Roaming\Mozilla\Firefox\Profiles\mj88vb53.default\extensions\firesheep@codebutler.com [2011.03.15 20:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.03.03 21:27:25 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.11.06 17:35:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.03.15 20:39:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010.12.01 22:02:34 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG [2010.12.01 22:02:34 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM [2010.12.01 22:02:34 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE [2010.12.01 22:02:34 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG [2010.12.01 22:02:34 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG [2010.12.01 22:02:34 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG [2010.12.01 22:02:34 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG [2011.03.24 17:42:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll [2011.03.15 20:38:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.11.13 13:32:01 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2011.03.24 17:43:01 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.03.24 17:43:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml [2011.03.24 17:43:01 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2011.03.24 17:43:01 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.03.24 17:43:01 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.03.24 17:43:01 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.04.15 23:41:25 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Luxand Blink!] C:\Program Files\Luxand\Blink!\LuxandBlinkTray.exe (Luxand, Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [NetBalancer] C:\Programme\NetBalancer\SeriousBit.NetBalancer.Tray.exe (SeriousBit) O4 - HKCU..\Run: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe (Symantec Corporation) O4 - HKCU..\Run: [SAT2008 Agent] C:\Program Files (x86)\Steganos AntiTheft\AntiTheft.exe () O4 - HKCU..\Run: [SE-DesktopConstructor] File not found O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Megalomon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\PrxerNsp.dll (Initex Software) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\ScCertProp: DllName - Reg Error: Key error. - File not found O20:64bit: - Winlogon\Notify\WB: DllName - Reg Error: Key error. - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.03.14 11:38:12 | 000,000,461 | R--- | M] () - E:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2011.03.14 11:38:12 | 000,000,011 | R--- | M] () - E:\autorun.tag -- [ UDF ] O32 - AutoRun File - [2011.03.14 11:38:12 | 000,935,768 | R--- | M] (mirabyte GmbH & Co. KG) - E:\autostart.exe -- [ UDF ] O32 - AutoRun File - [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare) - F:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2010.01.26 23:22:17 | 000,000,052 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{706069fd-e9a3-11df-be00-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{706069fd-e9a3-11df-be00-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autostart.exe -- [2011.03.14 11:38:12 | 000,935,768 | R--- | M] (mirabyte GmbH & Co. KG) O33 - MountPoints2\{acec9633-eae0-11df-97e7-00269ebefa45}\Shell - "" = AutoRun O33 - MountPoints2\{acec9633-eae0-11df-97e7-00269ebefa45}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2009.07.17 00:13:07 | 001,246,440 | R--- | M] (BioWare) O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.19 20:13:19 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Local\{4586206E-57F5-46D1-8F08-2B1401DD598F} [2011.04.19 19:54:06 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Megalomon\Desktop\OTL.exe [2011.04.19 19:46:32 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\Malwarebytes [2011.04.19 19:46:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.04.19 19:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.19 19:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.19 19:46:19 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.04.19 19:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.04.19 19:43:05 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Megalomon\Desktop\mbam-setup.exe [2011.04.16 21:30:38 | 000,000,000 | ---D | C] -- C:\suffering [2011.04.16 20:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Suffering [2011.04.16 20:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Midway Home Entertainment [2011.04.15 21:29:15 | 000,000,000 | --SD | C] -- C:\Users\Megalomon\Documents\Meine Shapes [2011.04.15 00:47:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.04.15 00:47:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.04.15 00:34:52 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.04.15 00:34:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.04.15 00:34:48 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.04.15 00:34:48 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.04.15 00:34:48 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.04.15 00:29:36 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011.04.15 00:29:36 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011.04.15 00:29:36 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011.04.15 00:29:36 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011.04.15 00:29:05 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.04.15 00:29:05 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.04.15 00:29:05 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.04.15 00:29:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.04.15 00:29:02 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011.04.15 00:29:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011.04.15 00:29:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011.04.14 23:28:56 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011.04.14 23:28:56 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011.04.14 23:28:55 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011.04.14 23:28:55 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011.04.14 23:28:55 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011.04.14 23:28:55 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011.04.14 23:28:55 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011.04.14 23:20:23 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011.04.14 20:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Plugin Site [2011.04.14 20:52:44 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\ThePluginSite [2011.04.14 20:52:44 | 000,000,000 | ---D | C] -- C:\Programme\ThePluginSite [2011.04.14 07:17:45 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Local\2DBoy [2011.04.14 07:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy [2011.04.13 15:04:10 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\gefundener usb stick [2011.04.13 08:43:27 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\Documents\Schule [2011.04.13 07:56:11 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Local\MatheAss [2011.04.13 07:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MatheAss 8.2 [2011.04.13 07:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MatheAss [2011.04.13 05:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011.04.12 17:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2011.04.12 17:40:16 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\Adobe Flash Builder 4 [2011.04.12 17:35:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2011.04.12 17:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player [2011.04.12 17:26:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011.04.12 17:26:18 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\Tific [2011.04.12 17:26:14 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Local\Symantec [2011.04.12 17:25:56 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2011.04.12 17:25:56 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys [2011.04.12 17:25:56 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys [2011.04.12 17:25:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2011.04.12 17:25:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2011.04.12 17:22:18 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe [2011.04.12 17:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Adobe [2011.04.12 17:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5 [2011.04.12 14:16:10 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\Desktop\CS5 [2011.04.12 11:27:48 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Local\Temporary Projects [2011.04.11 05:56:07 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\Documents\TurboFLOORPLAN Garten- & Terrassenplaner [2011.04.11 05:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IMSIDesign TurboFLOORPLAN [2011.04.11 05:54:44 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\IMSIDesign [2011.04.11 05:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IMSIDesign [2011.04.11 05:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMSIDesign [2011.04.10 21:48:33 | 000,290,816 | ---- | C] (Cygnicon GmbH) -- C:\Windows\SysWow64\cyviewer.ocx [2011.04.07 16:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2011.04.06 19:53:45 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\Desktop\Musik ^^ [2011.04.06 18:54:35 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\Desktop\Final Fantasy VIII Fithos Lusec Wecos Vinosec [2011.03.31 16:35:34 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\.minecraft [2011.03.30 19:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2011.03.30 19:57:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup [2011.03.30 19:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis [2011.03.30 19:34:32 | 000,711,712 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys [2011.03.30 19:34:32 | 000,081,952 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys [2011.03.30 19:34:30 | 000,011,264 | ---- | C] (Acronis) -- C:\Windows\SysNative\relog_ap.dll [2011.03.30 19:34:27 | 000,229,408 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys [2011.03.30 19:34:11 | 000,593,952 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys [2011.03.30 19:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis [2011.03.30 19:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis [2011.03.30 19:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis [2011.03.30 19:25:18 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2011.03.30 19:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.03.30 19:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2011.03.30 18:36:07 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\Backup [2011.03.26 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\sc68 [2011.03.26 22:25:13 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chipamp [2011.03.26 22:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chipamp [2011.03.26 22:22:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011.03.26 22:22:36 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\Winamp [2011.03.26 22:22:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2011.03.26 19:51:01 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Local\Ubisoft Game Launcher [2011.03.26 19:25:34 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\Ubisoft [2011.03.26 19:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2011.03.26 18:13:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2011.03.25 20:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age II [2011.03.25 19:53:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon Age 2 [2011.03.25 13:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Serena Software Inc [2011.03.25 13:01:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenProj [2011.03.24 09:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sun [2011.03.21 02:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DATA BECKER Downloads [2011.03.21 02:23:01 | 000,000,000 | ---D | C] -- C:\Users\Megalomon\AppData\Roaming\ProtectDisc [2011.03.21 02:23:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer [2011.03.21 02:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER [2011.03.21 02:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared [2011.03.21 02:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DATA BECKER [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Megalomon\*.tmp files -> C:\Users\Megalomon\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.19 21:42:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.19 21:42:54 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.19 21:00:54 | 000,001,474 | ---- | M] () -- C:\Users\Megalomon\.recently-used.xbel [2011.04.19 19:54:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Megalomon\Desktop\OTL.exe [2011.04.19 19:46:24 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.19 19:45:43 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Megalomon\Desktop\mbam-setup.exe [2011.04.19 12:13:46 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMegalomon.job [2011.04.19 00:05:40 | 000,000,600 | ---- | M] () -- C:\Users\Megalomon\AppData\Roaming\winscp.rnd [2011.04.18 22:47:55 | 004,559,002 | ---- | M] () -- C:\Users\Megalomon\Desktop\Vectoria-v1.0.2-sharmanhall.ipa [2011.04.18 22:47:53 | 030,356,565 | ---- | M] () -- C:\Users\Megalomon\Desktop\Duden-v2.32-FourZeroTwo.ipa [2011.04.18 22:47:48 | 001,692,886 | ---- | M] () -- C:\Users\Megalomon\Desktop\Stundenplan 10.0.2-creatzs.ipa [2011.04.18 22:47:20 | 008,629,257 | ---- | M] () -- C:\Users\Megalomon\Desktop\BaldBooth-v1.0.1-Pho3nX.ipa [2011.04.18 21:26:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.17 17:04:28 | 016,881,978 | ---- | M] () -- C:\Users\Megalomon\Desktop\20_brokenwin_wallpaper.zip [2011.04.17 13:44:40 | 000,030,387 | ---- | M] () -- C:\Users\Megalomon\Desktop\db-logo.jpg [2011.04.16 21:06:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SwSys2.bmp [2011.04.16 21:06:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SwSys1.bmp [2011.04.16 20:53:07 | 020,171,481 | ---- | M] () -- C:\Users\Megalomon\Desktop\The_Suffering_-_German_Subtitel_Patch.rar [2011.04.16 20:35:24 | 001,646,190 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.04.16 20:35:24 | 000,713,010 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.04.16 20:35:24 | 000,663,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.04.16 20:35:24 | 000,154,286 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.04.16 20:35:24 | 000,124,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.04.15 23:41:25 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011.04.15 23:31:33 | 000,001,940 | ---- | M] () -- C:\Users\Megalomon\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011.04.15 23:24:59 | 3195,211,776 | -HS- | M] () -- C:\hiberfil.sys [2011.04.15 22:13:44 | 698,304,690 | ---- | M] () -- C:\Users\Megalomon\Desktop\iPhone3,1_4.3.1_8G4_Restore.ipsw [2011.04.15 18:54:12 | 000,290,945 | ---- | M] () -- C:\Users\Megalomon\Desktop\LinksClickBot.exe [2011.04.15 16:18:50 | 005,119,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.04.12 11:25:32 | 000,606,208 | ---- | M] () -- C:\Users\Megalomon\Desktop\pm_garten.bld [2011.04.11 17:14:17 | 000,102,065 | ---- | M] () -- C:\Users\Megalomon\Desktop\garten.JPG [2011.04.11 16:13:34 | 000,011,776 | ---- | M] () -- C:\Users\Megalomon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.10 21:51:01 | 000,034,308 | ---- | M] () -- C:\ProgramData\mazuki.dll [2011.04.10 20:58:03 | 000,016,375 | ---- | M] () -- C:\Users\Megalomon\Desktop\meg.JPG [2011.04.08 13:40:27 | 000,001,854 | ---- | M] () -- C:\Users\Megalomon\AppData\Roaming\GhostObjGAFix.xml [2011.04.07 17:06:57 | 000,000,264 | ---- | M] () -- C:\Users\Megalomon\AppData\Roaming\Current.prx [2011.04.06 18:09:59 | 707,324,823 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.03.30 19:34:32 | 000,711,712 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys [2011.03.30 19:34:32 | 000,081,952 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys [2011.03.30 19:34:27 | 000,229,408 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys [2011.03.30 19:34:11 | 000,593,952 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys [2011.03.24 19:18:50 | 017,049,330 | ---- | M] () -- C:\Users\Megalomon\Documents\Pratchett__Terry1.rar [2011.03.21 03:47:51 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000019B2.LCS [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Megalomon\*.tmp files -> C:\Users\Megalomon\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.19 21:00:54 | 000,001,474 | ---- | C] () -- C:\Users\Megalomon\.recently-used.xbel [2011.04.19 19:46:23 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.18 22:47:54 | 004,559,002 | ---- | C] () -- C:\Users\Megalomon\Desktop\Vectoria-v1.0.2-sharmanhall.ipa [2011.04.18 22:47:49 | 001,692,886 | ---- | C] () -- C:\Users\Megalomon\Desktop\Stundenplan 10.0.2-creatzs.ipa [2011.04.18 22:47:37 | 030,356,565 | ---- | C] () -- C:\Users\Megalomon\Desktop\Duden-v2.32-FourZeroTwo.ipa [2011.04.18 22:47:21 | 008,629,257 | ---- | C] () -- C:\Users\Megalomon\Desktop\BaldBooth-v1.0.1-Pho3nX.ipa [2011.04.17 16:58:32 | 016,881,978 | ---- | C] () -- C:\Users\Megalomon\Desktop\20_brokenwin_wallpaper.zip [2011.04.17 13:44:39 | 000,030,387 | ---- | C] () -- C:\Users\Megalomon\Desktop\db-logo.jpg [2011.04.16 21:06:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SwSys2.bmp [2011.04.16 21:06:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SwSys1.bmp [2011.04.16 20:45:27 | 020,171,481 | ---- | C] () -- C:\Users\Megalomon\Desktop\The_Suffering_-_German_Subtitel_Patch.rar [2011.04.15 18:54:02 | 000,290,945 | ---- | C] () -- C:\Users\Megalomon\Desktop\LinksClickBot.exe [2011.04.15 17:16:51 | 698,304,690 | ---- | C] () -- C:\Users\Megalomon\Desktop\iPhone3,1_4.3.1_8G4_Restore.ipsw [2011.04.12 17:20:03 | 000,000,957 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011.04.11 19:43:35 | 000,001,940 | ---- | C] () -- C:\Users\Megalomon\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011.04.11 17:19:07 | 000,606,208 | ---- | C] () -- C:\Users\Megalomon\Desktop\pm_garten.bld [2011.04.11 17:14:17 | 000,102,065 | ---- | C] () -- C:\Users\Megalomon\Desktop\garten.JPG [2011.04.10 21:47:14 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll [2011.04.10 20:55:09 | 000,016,375 | ---- | C] () -- C:\Users\Megalomon\Desktop\meg.JPG [2011.04.06 20:35:24 | 000,004,096 | ---- | C] () -- C:\Users\Megalomon\Desktop\Hashgen.exe [2011.04.06 18:28:56 | 000,001,854 | ---- | C] () -- C:\Users\Megalomon\AppData\Roaming\GhostObjGAFix.xml [2011.04.06 18:09:59 | 707,324,823 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.03.27 13:06:54 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForMegalomon.job [2011.03.24 19:11:56 | 017,049,330 | ---- | C] () -- C:\Users\Megalomon\Documents\Pratchett__Terry1.rar [2011.03.24 17:43:27 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.03.21 03:47:51 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\000019B2.LCS [2011.03.07 17:48:37 | 003,176,992 | ---- | C] () -- C:\Users\Megalomon\AppData\Roaming\.minecraft.rar [2011.02.20 07:09:14 | 000,004,096 | -H-- | C] () -- C:\Users\Megalomon\AppData\Local\keyfile3.drm [2011.02.12 23:03:09 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI [2011.01.16 01:02:06 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2010.12.30 08:48:02 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll [2010.12.22 16:39:32 | 000,011,776 | ---- | C] () -- C:\Users\Megalomon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.14 21:09:14 | 000,000,264 | ---- | C] () -- C:\Users\Megalomon\AppData\Roaming\Current.prx [2010.12.06 19:03:18 | 000,000,021 | ---- | C] () -- C:\Windows\progman.ini [2010.12.05 02:52:08 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll [2010.12.05 02:51:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2010.12.05 02:51:16 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010.12.02 19:16:09 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010.12.02 19:16:09 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010.11.29 00:16:37 | 000,000,600 | ---- | C] () -- C:\Users\Megalomon\AppData\Roaming\winscp.rnd [2010.11.15 12:38:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010.11.15 06:36:01 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe [2010.11.15 06:35:34 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll [2010.11.15 06:35:34 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll [2010.11.09 12:30:23 | 000,000,000 | ---- | C] () -- C:\Users\Megalomon\AppData\Roaming\wklnhst.dat [2010.11.07 15:18:13 | 001,530,612 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.09.06 11:08:36 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\rgbacodec.dll [2010.07.05 14:37:06 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\dokan.dll [2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.11.07 22:54:26 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009.10.15 02:25:42 | 000,000,289 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2009.10.15 02:25:42 | 000,000,230 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin [2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.10.01 15:29:02 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\SatSrv.exe < End of report > Code:
ATTFilter OTL Extras logfile created on: 19.04.2011 22:24:06 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Megalomon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 28,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,13 Gb Total Space | 60,04 Gb Free Space | 21,06% Space Free | Partition Type: NTFS
Drive D: | 12,76 Gb Total Space | 2,18 Gb Free Space | 17,08% Space Free | Partition Type: NTFS
Drive E: | 4,15 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 2,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: OSEL | User Name: Megalomon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SpaceMonger] -- "C:\Program Files (x86)\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SpaceMonger] -- "C:\Program Files (x86)\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}" = Microsoft SQL Server VSS Writer
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36A415C2-7181-421D-92C9-8255766E0FF3}" = TortoiseSVN 1.6.10.19898 (64 bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{639673E9-D53F-44F4-A046-485C8A6ADA16}" = Paint.NET v3.5.6
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B93EE825-4E62-3FA7-9017-E42946F2AD6A}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Web
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F75FFCEC-4807-319D-A186-5117EDFE8115}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"Harrys Filters 4.0 (Plugin)_is1" = Harrys Filters 4.0 (Plugin)
"LuxandBlink_is1" = Luxand Blink! v2.2
"Matrox VFW Software Codecs" = Matrox VFW Software Codecs, build 28
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"NetBalancer_is1" = NetBalancer
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0166E190-92D7-482A-A220-DE8B7354383A}" = Demigod
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AABF6D-55C5-4779-ABF9-992016E913A2}" = Micrografx Picture Publisher 10
"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant
"{09605008-2341-481C-A572-513E7AC9F466}" = Windows 7 iPad Theme
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E0D6F70-16CC-46CB-B391-ABEF8C148086}" = TurboFLOORPLAN Garten- & Terrassenplaner
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}" = SCL011 Contactless Reader
"{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj
"{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}" = Microsoft SQL Server Compact 3.5 DEU
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4422D20B-F530-4E65-8504-31396C9BC066}" = Google SketchUp 8
"{442BEA8A-2EF6-4000-94E4-3F71CB34E8DE}_is1" = Vampires Dawn I: Reign of Blood
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1" = Ashampoo Home Designer1.0.0
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{49253DE2-FC99-4BE3-99A4-DAB01A8E6088}" = Camtasia Studio 6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{52061908-F94F-3D78-AA50-B956039C845D}" = Microsoft Visual C# 2008 Express Edition - DEU
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{56403FFF-145E-35C5-A090-96598BE57FB8}" = Microsoft Visual Basic 2008 Express Edition - DEU
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58344DA3-BE43-4B4F-8BF7-7DE69A9CBB77}" = DisSharp
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7430B12A-3B67-4191-B0C5-59E57344CB1F}" = iClone v4.3 SE
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7679AFF5-D552-4527-8210-684BE1C52484}" = Minutor
"{767C4C31-E01D-38F3-B940-593CECB9EC68}" = Microsoft Visual Web Developer 2008 Express Edition - DEU
"{76CE5B47-F5A4-4E5C-99A0-CEFF6146EA4A}" = System Requirements Lab for Intel
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A1BB101-38A4-4110-A24D-1315B56F2BE3}" = Steganos AntiTheft 2008
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0407-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (German) 2007
"{90120000-0021-0407-0000-0000000FF1CE}_VisualWebDeveloper_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_VisualWebDeveloper_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{9D1D6545-B912-4C58-A444-1E879BCD7453}" = 3D Canvas
"{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B0975D89-8D51-445C-BB71-95826A96780C}" = MAGIX Speed burnR (MSI)
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B21E2646-3AC8-47F6-B3B9-77CCDC499C45}" = ACDSee 7.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B571B309-5E65-3DCE-8DE7-205DE2D366C3}" = Microsoft Visual C++ 2008 Express Edition - DEU
"{B5A79A5F-7E2B-49F6-9C01-A0BBBF807395}" = Dummy File Creator
"{B81EB1DB-8F56-4852-BCEB-B598DF3F63E6}_is1" = Mustrum 2.1.2
"{BB565180-FA52-40DA-A65E-651537008C34}" = MAGIX Screenshare
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{C00F32AF-E350-43CC-80EB-F0D961A5C9BD}" = calibre
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D922EF97-6657-3075-BC93-A6CF59444E84}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5343B27-55DF-40BD-9FCF-A643C1331E8A}" = Acronis*True*Image*Home
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}" = Lightworks
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{ECCA8FE7-767A-4C8A-9DAA-BAB60F877C41}" = Sins of a Solar Empire
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Algodoo_is1" = Algodoo v1.8.0
"Ashampoo MyAutoplay Menu_is1" = Ashampoo MyAutoplay Menu 1.0.3
"AstrumNival Allods" = Allods Online 1.1.04.44
"Audacity_is1" = Audacity 1.2.6
"BewerbungsGenie 7_is1" = DATA BECKER BewerbungsGenie 7
"Celtx (2.7)" = Celtx (2.7)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Chipamp" = Chipamp
"CINEMA 4D Release 11" = CINEMA 4D Release 11
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Coral Reef 3D Screensaver_is1" = Coral Reef 3D Screensaver 1.0
"Credit Card Check Tool" = Credit Card Check Tool
"DB Fahrplaninformation 2011" = DB Fahrplaninformation 2011
"Demigod" = Demigod
"Desura" = Desura
"DokanLibrary" = Dokan Library 0.5.3
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DROPCLOCK_is1" = DROPCLOCK 1.0.1
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"Dungeon Keeper II" = Dungeon Keeper 2
"EADM" = EA Download Manager
"Engine of War_is1" = Engine of War 1.6
"FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer
"Foxit Reader" = Foxit Reader
"Game Maker 8.0" = Game Maker 8.0
"GeoGebra" = GeoGebra
"Gish" = Gish
"GML Matting_is1" = GML Matting 0.3
"Greed Corp_is1" = Greed Corp
"HaCKeR" = HaCKeR v2.0.0
"HandBrake" = HandBrake 0.9.5
"HDD-Booster_is1" = HDD-Booster v1.1
"Hitman: Contracts" = Hitman: Contracts
"Impulse" = Impulse
"InstallShield_{0E0D6F70-16CC-46CB-B391-ABEF8C148086}" = TurboFLOORPLAN Garten- & Terrassenplaner
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Music Maker for MySpace D" = MAGIX Music Maker for MySpace 15.0.1.8 (D)
"MAGIX Xtreme Web Designer 5 Download-Version D" = MAGIX Xtreme Web Designer 5 Download-Version 5.0.1.8462 (D)
"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MatheAss_is1" = MatheAss 8.2
"Mein Gartenparadies (VOLLVERSION)" = Mein Gartenparadies (VOLLVERSION)
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Basic 2008 Express Edition - DEU" = Microsoft Visual Basic 2008 Express Edition - DEU
"Microsoft Visual C# 2008 Express Edition - DEU" = Microsoft Visual C# 2008 Express Edition - DEU
"Microsoft Visual C++ 2008 Express Edition - DEU" = Microsoft Visual C++ 2008 Express Edition - DEU
"Microsoft Visual Web Developer 2008 Express Edition - DEU" = Microsoft Visual Web Developer 2008 Express Edition - DEU
"Mirador" = Mirador
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library für Microsoft Visual Studio 2008 Express Editions
"MyColors" = MyColors
"MyColors Demigod Desktop" = MyColors Demigod Desktop
"N360" = Norton 360
"Neffy" = Neffy 1,3,29,0
"NET Render Release 11" = NET Render Release 11
"New LEGO Digital Designer" = LEGO Digital Designer
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIO" = Microsoft Visio Premium 2010
"OpenAL" = OpenAL
"Patch Update RPG Maker 20031.05e" = Patch Update RPG Maker 2003
"Pflanzen gegen Zombies" = Pflanzen gegen Zombies
"plist Editor Pro" = plist Editor Pro 2.0.0
"POV-Ray for Windows v3.6" = POV-Ray for Windows v3.6.0
"PremiumSoft Navicat Premium_is1" = PremiumSoft Navicat Premium 9.1
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Proxifier_is1" = Proxifier version 2.91
"RevengeOfTheTitansHIB" = Revenge of the Titans HIB (remove only)
"ROM CHECK FAIL_is1" = ROM CHECK FAIL 1.0
"RPG Maker 2000 1.05" = RPG Maker 2000 1.05
"RPGAdvocates_RTP_1.0" = Common RTP 1.0
"RTP 1.32 Add-On for RM2k" = RTP 1.32 Add-On for RM2k
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Sins of a Solar Empire" = Sins of a Solar Empire
"SpaceMonger" = SpaceMonger 2.1.1
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = BEWERBUNGS-MASTER
"Steam App 2100" = Dark Messiah Might and Magic Single Player
"Steam App 2130" = Dark Messiah Might and Magic Multi-Player
"Steam App 22000" = World of Goo
"Steam App 22180" = Penumbra: Overture
"Steam App 24420" = Aquaria
"Steam App 26800" = Braid
"Steam App 29180" = Osmos
"Steam App 630" = Alien Swarm
"Steam App 70300" = VVVVVV
"Steam App 9500" = Gish
"Surfer_is1" = Surfer 0.1
"TeamViewer 6" = TeamViewer 6
"Trillian" = Trillian
"UnityWebPlayer" = Unity Web Player (All users)
"uTorrent" = µTorrent
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VLC media player" = VLC media player 1.1.5
"Warcraft III" = Warcraft III
"WebClicker" = HeadStrong WebClicker v2.56
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"winscp3_is1" = WinSCP 4.2.9
"World of Warcraft" = World of Warcraft
"XMedia Recode" = XMedia Recode 2.2.8.9
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7400507575E924278546A5A9A0332678396A2068" = Excel Image Inserter
"CreepSmash.com" = CreepSmash.com
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
20.04.2011, 17:03
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle posten, die in Malwarebytes im Reiter Logdateien sichtbar sind.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
20.04.2011, 19:00
| #5 |
| | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. Bei Malwarebytes ist in dem Fenster nur eine Log welche identisch mit der oben geposteten ist. Was wohl daran liegen könnte das ich MW das erste mal auf diesem System installiert hatte. |
|
20.04.2011, 19:03
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw.Zitat:
__________________ --> Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. |
|
20.04.2011, 20:58
| #7 |
| | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. vermutlich wars mein test damals ob sich davon die photoshop demo beeindrucken lässt, was sich aber als "fail" herrausgestellt hat. Habs dann mal eben entfernt den Eintrag. |
|
21.04.2011, 14:46
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw.Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.04.2011, 15:29
| #9 |
| | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. die trial version? |
|
21.04.2011, 15:54
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. Sry aber das glaub ich nicht. Eine Trial muss weder aktiviert, noch daran gehindert werden, den Aktivierungsserver zu erreichen. Typischerweise unterbindet man nur gecrackten Versionen den Zugang zu den Adobeseiten... 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.04.2011, 16:47
| #11 |
| | Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. und ich hatte eben ausprobiert ob sich gerade diese trial von dem eintrag beeindrucken lässt. Bzw. ob es eine verlängerung des Zeitraums bedeuten könnte. |
|
| Themen zu Obskures verhalten alá nur ein Nutzer-Konto benutzbar usw. |
| adobe, alternative, benutzerprofildienst, bho, bonjour, browser, desktop, explorer, firefox, hijack, hijackthis, internet, internet explorer, logfile, lsass.exe, microsoft, mozilla, neu, nvidia, senden, software, symantec, updates, windows, windows updates, wmp |
Linear-Darstellung
