|
Log-Analyse und Auswertung: Google leitet oftmals auf schädliche Seiten weiter ?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
21.12.2010, 14:52 | #1 |
Gast | Google leitet oftmals auf schädliche Seiten weiter ? Tag, nach langen hin und her, wende ich mich nun an euch. Ich hoffe ihr könnt mir helfen. Mein Problem: Ich gebe in Google z.B ABC ein > klicke auf ein Suchergebniss und werde dann auf "Attackierende Seiten geleitet". FireFox blockt zwar die Seiten, aber ich weiß nicht ob das vll. doch irgendwie "schädlich ist" Was habe ich bisher dagegen getan - Habe hier im Forum zahlreiche andere Themen darüber gelesen - Hijack ausgeführt Log Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:37:40, on 21.12.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Programme\AVG\AVG9\avgchsvx.exe C:\Programme\AVG\AVG9\avgrsx.exe C:\Programme\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Mixer.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe C:\Programme\Logitech\G-series Software\LGDCore.exe C:\Programme\Logitech\G-series Software\LCDMon.exe C:\Programme\HP\HP Software Update\HPWuSchd2.exe C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Programme\Skype\Phone\Skype.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\AVG\AVG9\avgwdsvc.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe C:\Programme\Windows Desktop Search\WindowsSearch.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\MySQL\MySQL Server 5.1\bin\mysqld.exe C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\HPZipm12.exe C:\Programme\AVG\AVG9\avgnsx.exe C:\WINDOWS\system32\svchost.exe C:\Programme\AVG\AVG9\avgemc.exe C:\Programme\HP\Digital Imaging\bin\hpqimzone.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Programme\AVG\AVG9\avgcsrvx.exe C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe C:\Programme\Skype\Plugin Manager\skypePM.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\VideoLAN\VLC\vlc.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\WINDOWS\notepad.exe C:\WINDOWS\notepad.exe C:\WINDOWS\system32\msiexec.exe C:\Programme\Trend Micro\HijackThis\HiJackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: (no name) - - (no file) F3 - REG:win.ini: run= F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Programme\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programme\Logitech\G-series Software\LCDMon.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ7.2\ICQ.exe" silent loginmode=4 O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Smartnetaudio] rundll32.exe "C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\smiWImon\Smartnetaudio.dll",BthEventdrm appnetOffice O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\***\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Programme\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programme\AVG\AVG9\avgwdsvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: MySQL - Unknown owner - C:\Programme\MySQL\MySQL.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O24 - Desktop Component 0: (no name) - h**p://img-a5.pe.imagevz.net/photo17/35/b6/b9a84ecd1f00d4366b92beefa448/6-7e63dea657d0a6f5e094a153d4af2fc6.jpg -- End of file - 10997 bytes Anderes Habe auch bereits OTL ausgeführt, soll ich das am besten auch noch posten, oder reicht Hijack erstmal ? Sollte sonst noch irgendwas fehlen, bitte ich Sie mir das zu sagen. Mit freundlichen grüßen Pusher |
21.12.2010, 22:53 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Google leitet oftmals auf schädliche Seiten weiter ? Hallo und
__________________Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
22.12.2010, 12:38 | #3 |
Gast | Google leitet oftmals auf schädliche Seiten weiter ? Danke erstmal für die Hilfe.
__________________So hier die Malewarebytes Log Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5375 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 22.12.2010 12:27:57 mbam-log-2010-12-22 (12-27-57).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 309797 Laufzeit: 52 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 2 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 6 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Bifrost (Bifrose.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Bifrose.Trace) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: d:\programme 1\programme\programme 11\cd-dvd.lock.v2.4.444.winall.incl.keygen-brd\cd-dvd.lock.v2.4.444.winall.incl.keygen-brd\keygen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully. d:\programme 1\programme\programme 11\progamme 1\ultraiso v8.6.3.2056\nfoviewer.exe (Trojan.Agent) -> Quarantined and deleted successfully. d:\programme 1\programme\programme 11\progamme 1\ultraiso v8.6.3.2056\c0re keygen\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully. d:\programme 1\ultraiso v8.6.3.2056\nfoviewer.exe (Trojan.Agent) -> Quarantined and deleted successfully. d:\programme 1\ultraiso v8.6.3.2056\c0re keygen\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Name\anwendungsdaten\addons.dat (Bifrose.Trace) -> Quarantined and deleted successfully. OTL Log Code:
ATTFilter OTL logfile created on: 22.12.2010 12:31:06 - Run 2 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\Name\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 146,50 Gb Total Space | 90,61 Gb Free Space | 61,85% Space Free | Partition Type: NTFS Drive D: | 449,67 Gb Total Space | 330,62 Gb Free Space | 73,52% Space Free | Partition Type: NTFS Computer Name: Name | User Name: Name | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Name\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) PRC - C:\Programme\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG) PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe (Nero AG) PRC - C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.) PRC - C:\Programme\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Name\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found SRV - (avg9emc) -- C:\Programme\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation) SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH) SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH) SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (ManyCam) -- C:\WINDOWS\System32\DRIVERS\ManyCam.sys File not found DRV - (cpuz132) -- C:\DOKUME~1\Name\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys File not found DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (AvgTdiX) -- C:\WINDOWS\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\WINDOWS\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (AvgMfx86) -- C:\WINDOWS\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project) DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.) DRV - (s1018mdm) -- C:\WINDOWS\system32\drivers\s1018mdm.sys (MCCI Corporation) DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\WINDOWS\system32\drivers\s1018unic.sys (MCCI Corporation) DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s1018mgmt.sys (MCCI Corporation) DRV - (s1018obex) -- C:\WINDOWS\system32\drivers\s1018obex.sys (MCCI Corporation) DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\WINDOWS\system32\drivers\s1018bus.sys (MCCI Corporation) DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\WINDOWS\system32\drivers\s1018nd5.sys (MCCI Corporation) DRV - (s1018mdfl) -- C:\WINDOWS\system32\drivers\s1018mdfl.sys (MCCI Corporation) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (ISODrive) -- C:\Programme\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.) DRV - (cmpci) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc) DRV - (PCLEPCI) -- C:\WINDOWS\system32\drivers\Pclepci.sys (Pinnacle Systems GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 A4 B3 BF 12 83 CB 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872 FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..network.proxy.http: "Gesperrt" FF - prefs.js..network.proxy.http_port: 80 FF - prefs.js..network.proxy.no_proxies_on: "de, com" FF - prefs.js..network.proxy.ssl: "Gesperrt" FF - prefs.js..network.proxy.ssl_port: 443 FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Programme\AVG\AVG9\Firefox [2010.11.24 19:14:09 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.05 18:06:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.11 10:05:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.20 21:16:32 | 000,000,000 | ---D | M] [2010.05.07 13:51:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Extensions [2010.12.21 21:53:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Firefox\Profiles\n9r1k2dm.default\extensions [2010.05.07 13:54:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Firefox\Profiles\n9r1k2dm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.06 20:18:50 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Firefox\Profiles\n9r1k2dm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.12.18 14:43:51 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Firefox\Profiles\n9r1k2dm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.05.07 14:06:53 | 000,000,000 | ---D | M] (FoxTab) -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Firefox\Profiles\n9r1k2dm.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} [2010.05.07 13:57:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Firefox\Profiles\n9r1k2dm.default\extensions\anycolor.pavlos256@gmail.com [2010.05.15 14:03:02 | 000,001,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Mozilla\Firefox\Profiles\n9r1k2dm.default\searchplugins\bing.xml [2010.12.20 21:16:33 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.12.20 21:16:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.12.20 21:16:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll [2010.08.03 17:58:40 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.08.03 17:58:41 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.08.03 17:58:41 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.08.03 17:58:41 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.08.03 17:58:41 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVG9_TRAY] C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [Smartnetaudio] File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Name\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop Components:0 () - hxxp://img-a5.pe.imagevz.net/photo17/35/b6/b9a84ecd1f00d4366b92beefa448/6-7e63dea657d0a6f5e094a153d4af2fc6.jpg O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Name\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Name\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.07.01 12:17:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{22fe4269-6f94-11de-9e56-00508d98e9fe}\Shell\AutoRun\command - "" = H:\WDSetup.exe -- File not found O33 - MountPoints2\{b64eb26a-6de0-11de-9e55-00508d98e9fe}\Shell\AutoRun\command - "" = wd_windows_tools\WDSetup.exe O33 - MountPoints2\{db6a1250-156b-11df-b903-00508d98e9fe}\Shell - "" = AutoRun O33 - MountPoints2\{db6a1250-156b-11df-b903-00508d98e9fe}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{db6a1250-156b-11df-b903-00508d98e9fe}\Shell\AutoRun\command - "" = G:\Startme.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.12.22 11:15:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\Malwarebytes [2010.12.22 11:15:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.12.22 11:15:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.12.22 11:15:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.12.22 11:15:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.12.22 11:14:25 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Name\Desktop\mbam-setup.exe [2010.12.21 14:06:34 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Name\Desktop\OTL.exe [2010.12.20 21:16:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2010.12.20 21:16:32 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.12.16 21:22:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Name\Lokale Einstellungen\Anwendungsdaten\smiWImon [2010.12.15 19:33:00 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2010.12.11 15:06:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IsolatedStorage [2010.12.11 15:06:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Name\Eigene Dateien\FW-Sim [2010.12.11 15:06:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\FW-Sim [2010.12.11 09:36:05 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype [2010.12.04 16:36:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Name\Desktop\SpeedAutoClicker [2010.11.23 18:55:49 | 000,025,216 | ---- | C] (The OpenVPN Project) -- C:\WINDOWS\System32\drivers\tap0901.sys [2010.11.23 18:55:46 | 000,000,000 | ---D | C] -- C:\Programme\S.A.D [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.12.22 12:00:00 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job [2010.12.22 11:17:33 | 000,000,766 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.12.22 11:16:06 | 069,192,513 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010.12.22 11:15:08 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Name\Desktop\mbam-setup.exe [2010.12.22 11:11:12 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1644491937-2000478354-682003330-1005.job [2010.12.22 11:11:08 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1644491937-2000478354-682003330-1005.job [2010.12.22 11:10:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.12.22 11:09:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2010.12.21 14:40:50 | 000,002,435 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Desktop\HiJackThis.lnk [2010.12.21 14:34:14 | 001,402,880 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Desktop\HiJackThis.msi [2010.12.21 14:06:37 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Name\Desktop\OTL.exe [2010.12.21 12:19:31 | 000,008,853 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Desktop\WochenZettel Schule!!!!!!!!!!.xlsx [2010.12.20 21:16:24 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.12.20 21:16:24 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.12.20 21:16:24 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.12.20 21:16:24 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010.12.20 21:16:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.12.20 12:23:28 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.12.18 18:35:52 | 005,134,463 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Desktop\sa-mp-0.3b-R3-install.exe [2010.12.16 15:41:35 | 001,588,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.12.16 02:00:47 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.12.12 12:20:10 | 000,000,046 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\jagex_runescape_preferences.dat [2010.12.12 12:19:39 | 000,000,117 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\jagex_runescape_preferences2.dat [2010.12.11 15:05:53 | 034,855,435 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Desktop\fwsim.exe [2010.12.08 19:24:38 | 000,996,995 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Desktop\DSC_4696.JPG [2010.12.08 19:24:20 | 000,979,447 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\Desktop\DSC_4697.JPG [2010.11.22 18:19:43 | 000,000,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Name\default.pls [2010.11.22 18:19:23 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.12.22 11:15:35 | 000,000,766 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.12.21 14:34:53 | 000,002,435 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Desktop\HiJackThis.lnk [2010.12.21 14:34:07 | 001,402,880 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Desktop\HiJackThis.msi [2010.12.18 18:35:21 | 005,134,463 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Desktop\sa-mp-0.3b-R3-install.exe [2010.12.11 15:02:29 | 034,855,435 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Desktop\fwsim.exe [2010.12.08 19:22:41 | 000,996,995 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Desktop\DSC_4696.JPG [2010.12.08 19:22:41 | 000,979,447 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Desktop\DSC_4697.JPG [2010.12.06 20:32:34 | 000,008,853 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Desktop\WochenZettel Schule!!!!!!!!!!.xlsx [2010.01.12 05:35:44 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2009.12.12 19:38:09 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2009.09.22 13:06:54 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2009.09.20 19:13:37 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Anwendungsdaten\winscp.rnd [2009.09.06 10:45:34 | 000,001,233 | ---- | C] () -- C:\WINDOWS\banania.ini [2009.08.29 14:05:13 | 000,000,110 | ---- | C] () -- C:\WINDOWS\GMouse.ini [2009.08.23 10:53:44 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI [2009.08.15 00:48:15 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2009.07.11 17:56:04 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009.07.11 17:56:03 | 000,090,112 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.11 08:08:55 | 000,006,768 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2009.07.08 09:13:15 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Name\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2009.07.08 07:50:29 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2009.07.08 07:46:54 | 000,012,317 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log [2009.07.01 13:53:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini [2009.07.01 13:48:16 | 000,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\ALLOW-IO.SYS [2009.07.01 13:09:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009.07.01 12:18:59 | 000,001,082 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2008.05.26 22:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008.05.26 22:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008.05.26 22:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2001.07.07 02:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 508 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF @Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:888AFB86 < End of report > Code:
ATTFilter OTL Extras logfile created on: 22.12.2010 12:31:06 - Run 2 OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\Name\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 146,50 Gb Total Space | 90,61 Gb Free Space | 61,85% Space Free | Partition Type: NTFS Drive D: | 449,67 Gb Total Space | 330,62 Gb Free Space | 73,52% Space Free | Partition Type: NTFS Computer Name: Name | User Name: Name | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "56286:TCP" = 56286:TCP:*:Enabled:Pando Media Booster "56286:UDP" = 56286:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "58862:TCP" = 58862:TCP:*:Enabled:Pando Media Booster "58862:UDP" = 58862:UDP:*:Enabled:Pando Media Booster "5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung "80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (h**p eingehend) "56286:TCP" = 56286:TCP:*:Enabled:Pando Media Booster "56286:UDP" = 56286:UDP:*:Enabled:Pando Media Booster ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.) "C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\AVG\AVG8\avgam.exe" = C:\Programme\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe -- File not found "C:\Programme\AVG\AVG8\avgdiag.exe" = C:\Programme\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe -- File not found "C:\Programme\AVG\AVG8\avgdiagex.exe" = C:\Programme\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe -- File not found "C:\Programme\AVG\AVG8\avgemc.exe" = C:\Programme\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found "C:\Programme\AVG\AVG8\avgupd.exe" = C:\Programme\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found "C:\Programme\AVG\AVG8\avgnsx.exe" = C:\Programme\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- File not found "C:\Dokumente und Einstellungen\Name\Eigene Dateien\Downloads\samp02Xserver.win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Eigene Dateien\Downloads\samp02Xserver.win32\samp-server.exe:*:Enabled:samp-server -- () "C:\Programme\mozilla.org\SeaMonkey\seamonkey.exe" = C:\Programme\mozilla.org\SeaMonkey\seamonkey.exe:*:Enabled:SeaMonkey -- File not found "C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation) "C:\Dokumente und Einstellungen\Name\Desktop\SAMP_GF_\SAMP_REAL!\SAMP\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\SAMP_GF_\SAMP_REAL!\SAMP\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp02Xserver.win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp02Xserver.win32\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\SAMP_GF_\SAMP_GF_\SAMP_REAL!\SAMP\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\SAMP_GF_\SAMP_GF_\SAMP_REAL!\SAMP\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\SAMP_GF_\samp02Xserver.win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\SAMP_GF_\samp02Xserver.win32\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\SA-MP_Script_King\SA-MP Script King.exe" = C:\Dokumente und Einstellungen\Name\Desktop\SA-MP_Script_King\SA-MP Script King.exe:*:Enabled:SA-MP Wiki King -- File not found "C:\Programme\MTA San Andreas\Multi Theft Auto.exe" = C:\Programme\MTA San Andreas\Multi Theft Auto.exe:*:Enabled:Play MTA San Andreas -- () "C:\Programme\MTA San Andreas\server\MTA Server.exe" = C:\Programme\MTA San Andreas\server\MTA Server.exe:*:Enabled:MTA Server -- () "C:\Dokumente und Einstellungen\Name\Desktop\Kopie von samp02Xserver.win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Kopie von samp02Xserver.win32\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\temp\TeamViewer\Version4\TeamViewer.exe" = C:\Dokumente und Einstellungen\Name\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH) "C:\Dokumente und Einstellungen\Name\Desktop\Meine FS.GM Sammlung\samp02Xserver.win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Meine FS.GM Sammlung\samp02Xserver.win32\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Programme\Steam\SteamApps\deathxx666\counter-strike source\hl2.exe" = C:\Programme\Steam\SteamApps\deathxx666\counter-strike source\hl2.exe:*:Enabled:hl2 -- () "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- () "C:\Dokumente und Einstellungen\Name\Desktop\Meine FS.GM Sammlung\l\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Meine FS.GM Sammlung\l\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp02Xserver.win32\samp02Xserver.win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp02Xserver.win32\samp02Xserver.win32\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Meine FS.GM Sammlung\SAMP_GF_\SAMP_REAL!\SAMP\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Meine FS.GM Sammlung\SAMP_GF_\SAMP_REAL!\SAMP\samp-server.exe:*:Disabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Stunt\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Stunt\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\[SeS]Stunt-EvER\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\[SeS]Stunt-EvER\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\freeroam\Stunt\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\freeroam\Stunt\samp-server.exe:*:Disabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\freeroam\[SeS]Stunt-EvER\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\freeroam\[SeS]Stunt-EvER\samp-server.exe:*:Enabled:samp-server.exe -- File not found "C:\Programme\Rockstar Games\Midnight Club II Demo\mc2_demo.exe" = C:\Programme\Rockstar Games\Midnight Club II Demo\mc2_demo.exe:*:Disabled:mc2_demo -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\!!Server!!\TESTSERVER\[SeS]Stunt-EvER\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\!!Server!!\TESTSERVER\[SeS]Stunt-EvER\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp03svr_RC6-1_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp03svr_RC6-1_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp03svr_RC7-2_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp03svr_RC7-2_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Programme\WinSCP\WinSCP.exe" = C:\Programme\WinSCP\WinSCP.exe:*:Enabled:SFTP, FTP and SCP client -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp03asvr_R2_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp03asvr_R2_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp03asvr_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp03asvr_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Real-Life+Stunting+v6.3+Server+Pack+by+cmg4life\Real-Life Stunting v6.3 Server Pack by cmg4life\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Real-Life+Stunting+v6.3+Server+Pack+by+cmg4life\Real-Life Stunting v6.3 Server Pack by cmg4life\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- File not found "C:\Programme\AVG\AVG9\avgemc.exe" = C:\Programme\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.) "C:\Programme\AVG\AVG9\avgupd.exe" = C:\Programme\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Programme\AVG\AVG9\avgnsx.exe" = C:\Programme\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) "C:\Dokumente und Einstellungen\Name\Desktop\v342\v342\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\v342\v342\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Programme\Xfire\Xfire.exe" = C:\Programme\Xfire\Xfire.exe:*:Enabled:Xfire -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Stunt'n Fun - Basic Stunt Gamemode\Stunt Server\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Stunt'n Fun - Basic Stunt Gamemode\Stunt Server\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\temp\TeamViewer\Version5\TeamViewer.exe" = C:\Dokumente und Einstellungen\Name\temp\TeamViewer\Version5\TeamViewer.exe:*:Disabled:TeamViewer -- (TeamViewer GmbH) "C:\Dokumente und Einstellungen\Name\Desktop\teamspeak3-server_win32-3.0.0-beta1\teamspeak3-server_win32\ts3server_win32.exe" = C:\Dokumente und Einstellungen\Name\Desktop\teamspeak3-server_win32-3.0.0-beta1\teamspeak3-server_win32\ts3server_win32.exe:*:Enabled:TeamSpeak 3 Server -- File not found "C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( ) "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.) "K:\Spiele - Name\GTA-San Andreas\[SeS]Stunt-EvER\samp-server.exe" = K:\Spiele - Name\GTA-San Andreas\[SeS]Stunt-EvER\samp-server.exe:*:Enabled:samp-server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Kopie von samp03asvr_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Kopie von samp03asvr_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Freeroam Script © by Name\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Freeroam Script © by Name\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\GUI Styles for samp © by Name\Freeroam Script © by Name\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\GUI Styles for samp © by Name\Freeroam Script © by Name\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp03asvr_R5_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp03asvr_R5_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Scripts © by Name\MiniYodaRockz-\MiniYodaRockz!\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Scripts © by Name\MiniYodaRockz-\MiniYodaRockz!\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\xampp-win32-1.7.3\xampp\FileZillaFTP\FileZilla Server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\xampp-win32-1.7.3\xampp\FileZillaFTP\FileZilla Server.exe:*:Enabled:FileZilla Server -- File not found "C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found "C:\Programme\Metin2\metin2client.bin" = C:\Programme\Metin2\metin2client.bin:*:Enabled:metin2client -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\GUI Styles for samp © by Name\Freeroam Script © by Name\samp03asvr_R5_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\GUI Styles for samp © by Name\Freeroam Script © by Name\samp03asvr_R5_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.) "C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC) "C:\Dokumente und Einstellungen\Name\Desktop\mcsharp-214\MCSharp CLI.exe" = C:\Dokumente und Einstellungen\Name\Desktop\mcsharp-214\MCSharp CLI.exe:*:Enabled:MCSharp Console -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\mclawl_r44\MCLawl.exe" = C:\Dokumente und Einstellungen\Name\Desktop\mclawl_r44\MCLawl.exe:*:Enabled:MCLawl -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\mclawl_r45.2\MCLawl.exe" = C:\Dokumente und Einstellungen\Name\Desktop\mclawl_r45.2\MCLawl.exe:*:Enabled:MCLawl -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\Samp Server by Pusher Apparel\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\Samp Server by Pusher Apparel\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp03bsvr_R2_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp03bsvr_R2_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\10\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\10\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Dokumente und Einstellungen\Name\Desktop\One Ordner\GTA\Samp Server by Pusher Apparel\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\One Ordner\GTA\Samp Server by Pusher Apparel\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Dokumente und Einstellungen\Name\Desktop\samp03csvr_RC1_win32\samp-server.exe" = C:\Dokumente und Einstellungen\Name\Desktop\samp03csvr_RC1_win32\samp-server.exe:*:Enabled:SA-MP dedicated server -- File not found "C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle "{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow "{0E3CCCDC-3BB2-B5D5-A547-5F157E1BADB8}" = Catalyst Control Center Core Implementation "{0E592C31-09EF-3CA1-A7DE-05D13DFCF791}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu "{131C976E-E991-40FA-163F-B29022346F01}" = CCC Help English "{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3 "{2C82E097-694E-44ea-A947-2750679469CF}" = Die Sims™ 2 "{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK "{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1 "{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1 "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57B2281D-A34A-4a48-8C68-169B8873659D}" = c4100_Help "{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008 "{5A080213-5AEC-4BF2-BB32-796EB0E421EC}" = Logitech G-series Keyboard Software "{5A53992C-48D6-D4DB-75A7-5D13388DAB9A}" = ccc-core-static "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{738B0934-6676-44F6-AB52-32F4E60DCA7F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch) "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{7AE858CD-7AD6-D9E6-627E-E452A71896E7}" = Catalyst Control Center Graphics Full Existing "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8BC8DA36-302D-14FA-55AE-5CAAF1CA4F25}" = Catalyst Control Center Graphics Light "{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{94C1A41C-2A2D-4AF0-858E-924288245621}" = SlimDX Redistributable (August 2009) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A44C8D37-B36B-D378-2201-97137494E339}" = ccc-utility "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour "{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B944FA21-81AF-4A77-8328-CE4F4CC51031}" = Nero 8 "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BB37C263-9B7F-6A1C-A1B8-333C3FB80614}" = ccc-core-preinstall "{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C54C7C1F-4015-4217-8F16-8CF993C59793}" = MySQL Server 5.1 "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C871525F-7116-4d26-BA6D-215F59B6F88B}" = C4100 "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DE5CD0E9-9296-788D-F082-54454791A65E}" = Catalyst Control Center Graphics Previews Common "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin 2.9 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{EBB15EA8-B7CF-E90C-B977-18777AFC63F0}" = Catalyst Control Center HydraVision Full "{EC27630A-EAFB-AB2A-56CC-7F5189845D85}" = Catalyst Control Center Graphics Full New "{ECCA3728-2753-4C3A-8608-5A41C4AEBDB7}" = Sony Vegas Pro 8.0 "{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1 "{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FA440BE8-EC2F-4478-A01A-077DA0606501}" = Microsoft SQL Server Compact 3.5 SP1 (Deutsch) "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3 "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "ATI Display Driver" = ATI Display Driver "AVG9Uninstall" = AVG Free 9.0 "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "ENTERPRISE" = Microsoft Office Enterprise 2007 "Fraps" = Fraps (remove only) "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7 "HP Document Viewer" = HP Document Viewer 7.0 "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Photo & Imaging" = HP Photosmart Premier Software 6.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer Participation Program 7.0 "HPOCR" = OCR Software by I.R.I.S 7.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle "kikin Plugin (Murb.com Edition)" = kikin Plugin (Murb.com Edition) 1.11 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MTA: Race for San Andreas" = MTA: Race for San Andreas 1.1.1 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "PCI Audio Driver" = PCI Audio Driver "RealPlayer 12.0" = RealPlayer "San Andreas Mod Installer1.1" = San Andreas Mod Installer "SystemRequirementsLab" = System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer" = TeamViewer "Total Video Converter 3.02_is1" = Total Video Converter 3.02 "UltraISO_is1" = UltraISO Premium V8.63 "VLC media player" = VLC media player 1.0.3 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 25.11.2010 06:18:40 | Computer Name = Name | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung gta_sa.exe, Version 0.0.0.0, fehlgeschlagenes Modul gta_sa.exe, Version 0.0.0.0, Fehleradresse 0x00327b45. Error - 28.11.2010 17:28:08 | Computer Name = Name | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung notepad.exe, Version 5.1.2600.5512, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 04.12.2010 11:56:38 | Computer Name = Name | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung java.exe, Version 6.0.170.4, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 04.12.2010 12:39:58 | Computer Name = Name | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung java.exe, Version 6.0.170.4, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 06.12.2010 13:21:53 | Computer Name = Name | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung med.exe, Version 0.0.0.0, fehlgeschlagenes Modul med.exe, Version 0.0.0.0, Fehleradresse 0x0023042f. Error - 06.12.2010 13:22:00 | Computer Name = Name | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung med.exe, Version 0.0.0.0, fehlgeschlagenes Modul med.exe, Version 0.0.0.0, Fehleradresse 0x0023042f. Error - 06.12.2010 13:22:05 | Computer Name = Name | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung med.exe, Version 0.0.0.0, fehlgeschlagenes Modul med.exe, Version 0.0.0.0, Fehleradresse 0x0023042f. Error - 20.12.2010 16:02:18 | Computer Name = Name | Source = MsiInstaller | ID = 11722 Description = Produkt: Java(TM) 6 Update 23 -- Fehler 1722. Es liegt ein dieses Windows Installer-Paket betreffendes Problem vor. Ein Programm, das im Rahmen der Installation ausgeführt wurde, wurde nicht erfolgreich abgeschlossen. Wenden Sie sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: patchjre, Pfad: C:\Programme\Java\jre1.6.0_23\patchjre.exe, Befehl: -s "" Error - 21.12.2010 07:04:50 | Computer Name = Name | Source = Windows Search Service | ID = 3013 Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\Name\DESKTOP\WOMCLIENT-1.5.9\LIB\MINECRAFT.JAR> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error - 21.12.2010 07:04:50 | Computer Name = Name | Source = Windows Search Service | ID = 3013 Description = Eintrag <C:\DOKUMENTE UND EINSTELLUNGEN\Name\DESKTOP\WOMCLIENT-1.5.9\LIB\MINECRAFT.JAR> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) < End of report > Achso, nachdem ich die Malewarebytes Funde gelöscht hatte, hatte gleich mein AVG angeschlagen das irgendnen Trojaner gefunden wurde ? Und was ist ein Keygen ? Da es irgendwie am meißten da oben steht ... MfG Pusher Geändert von Pusher (22.12.2010 um 12:56 Uhr) Grund: Rechtschreibung ;) |
22.12.2010, 13:00 | #4 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Google leitet oftmals auf schädliche Seiten weiter ?Zitat:
Dateien, die crack.exe, keygen.exe oder patch.exe sind zu 99,9% gefährliche Schädlinge, mit denen man nicht Spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zum Neu aufsetzten Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
22.12.2010, 13:09 | #5 |
Gast | Google leitet oftmals auf schädliche Seiten weiter ? Was meinst du jetzt mit geklauter Software ? ... Das mit dem Doof stellen, finde ich ja jetzt eine Frechheit. Ich verbringe ebend nicht meine ganze Zeit vorm PC ... sonst würde ich ja hier wohl nicht fragen. Mfg Pusher EDIT: Das mit dem neu aufsetzen ist auch gut ... Wenn man wirklich 0 Ahnung hat. Geändert von Pusher (22.12.2010 um 13:13 Uhr) Grund: EDIT hinzugefügt. |
22.12.2010, 13:31 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Google leitet oftmals auf schädliche Seiten weiter ?Zitat:
Du kannst mir nicht erzählen, dass sowas ein Laie nicht verstehen kann, dass das nicht rechtens ist...
__________________ --> Google leitet oftmals auf schädliche Seiten weiter ? |
22.12.2010, 13:38 | #7 |
Gast | Google leitet oftmals auf schädliche Seiten weiter ? Nein, will ich dir auch nicht erzählen. Ich wollte ebend nur wissen, was du damit meintest... "Geklaute Software" kann ja auch anders gemeint sein. Egal, wenn du der Meinung bist, kann ich nix ändern. Aber Danke für deine Hilfe bis hier her. Werds mal mit der Anleitung fürs Aufsetzen probieren ... Mfg Pusher Ps. Kannst dann als Erledigt abhaken oder sowas eben. |
Themen zu Google leitet oftmals auf schädliche Seiten weiter ? |
attackierende, avg, bho, bonjour, computer, converter, desktop, down, e-mail, einstellungen, google, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, launch, logfile, mozilla, mp3, plug-in, problem, rundll, senden, server, software, system, windows, windows xp |