Verzeichnis von C:\WINDOWS\system32 19.11.2006 11:32 8.280 ikhcore.log 19.11.2006 11:18 0 tmp.txt 19.11.2006 11:18 2.454 tmp.reg 19.11.2006 10:48 610.086 dccdd.ini2 19.11.2006 00:21 587.439 dccdd.bak2 18.11.2006 15:36 1.158 wpa.dbl 16.11.2006 06:20 10.474.920 MRT.exe 07.11.2006 20:25 607.571 dccdd.tmp 05.11.2006 14:39 100 LuResult.txt 05.11.2006 12:51 43.520 CmdLineExt03.dll 04.11.2006 21:07 601.208 dccdd.ini 04.11.2006 21:07 601.208 dccdd.bak1 04.11.2006 14:14 1.245.696 msxml4.dll 01.11.2006 15:53 53.098 perfc009.dat 01.11.2006 15:53 391.574 perfh007.dat 01.11.2006 15:53 380.684 perfh009.dat 01.11.2006 15:53 63.976 perfc007.dat 01.11.2006 15:53 897.778 PerfStringBackup.INI 30.10.2006 11:25 1.488.688 LegitCheckControl.DLL 16.10.2006 12:19 270.336 xpsp3res.dll 13.10.2006 13:35 146.432 nwprovau.dll 14.09.2006 09:36 3.079.680 mshtml.dll 14.09.2006 09:36 670.208 wininet.dll 14.09.2006 09:36 474.624 shlwapi.dll 14.09.2006 09:36 617.984 urlmon.dll 14.09.2006 09:36 448.512 mshtmled.dll 14.09.2006 09:36 532.480 mstime.dll 14.09.2006 09:36 146.432 msrating.dll 14.09.2006 09:36 39.424 pngfilt.dll 14.09.2006 09:36 357.888 dxtmsft.dll 14.09.2006 09:36 205.312 dxtrans.dll 14.09.2006 09:36 251.904 iepeers.dll 14.09.2006 09:36 55.808 extmgr.dll 14.09.2006 09:36 1.056.256 danim.dll 14.09.2006 09:36 15.872 jsproxy.dll 14.09.2006 09:36 96.768 inseng.dll 14.09.2006 09:36 1.022.976 browseui.dll 14.09.2006 09:36 152.064 cdfview.dll 13.09.2006 06:02 1.084.416 msxml3.dll 04.09.2006 07:13 1.497.088 shdocvw.dll 29.08.2006 18:43 135.168 swreg.exe 25.08.2006 16:46 617.472 comctl32.dll 21.08.2006 13:26 16.896 fltlib.dll 21.08.2006 10:14 23.040 fltmc.exe 17.08.2006 13:28 332.288 netapi32.dll 17.08.2006 13:28 132.096 wkssvc.dll 17.08.2006 13:28 729.600 lsasrv.dll 16.08.2006 12:58 100.352 6to4svc.dll Verzeichnis von C:\DOKUME~1\Emanuel\LOKALE~1\Temp 19.11.2006 11:36 16.384 Perflib_Perfdata_60c.dat 1 Datei(en) 16.384 Bytes 0 Verzeichnis(se), 23.774.621.696 Bytes frei Verzeichnis von C:\WINDOWS 19.11.2006 11:41 1.859.944 WindowsUpdate.log 19.11.2006 11:33 0 0.log 19.11.2006 11:33 2.048 bootstat.dat 19.11.2006 11:32 32.638 SchedLgU.Txt 19.11.2006 11:18 218.766 setupact.log 19.11.2006 10:52 766.407 setupapi.log 19.11.2006 03:22 91.739 iis6.log 19.11.2006 03:22 199.803 comsetup.log 19.11.2006 03:22 119.595 ntdtcsetup.log 19.11.2006 03:22 224.505 tsoc.log 19.11.2006 03:22 1.393 imsins.log 19.11.2006 03:22 31.665 ocmsn.log 19.11.2006 03:22 18.057 KB923980.log 19.11.2006 03:22 277.125 ocgen.log 19.11.2006 03:22 28.681 msgsocm.log 19.11.2006 03:22 568.013 FaxSetup.log 19.11.2006 03:21 1.393 imsins.BAK 19.11.2006 03:21 18.188 KB924270.log 19.11.2006 03:20 36.624 updspapi.log 19.11.2006 03:14 20.030 KB920213.log 19.11.2006 03:13 34.382 KB922760.log 17.11.2006 20:22 216 wiadebug.log 17.11.2006 18:56 50 wiaservc.log 09.11.2006 13:44 8.449 WGA.log 05.11.2006 19:42 8.338 ModemLog_TOSHIBA Software Modem.txt 04.11.2006 20:45 179.680 DirectX.log 12.10.2006 22:31 13.911 KB924191.log 12.10.2006 22:31 13.726 KB922819.log 12.10.2006 22:31 12.902 KB923414.log 12.10.2006 22:31 15.735 KB924496.log 12.10.2006 22:31 10.149 KB923191.log 07.10.2006 13:08 15.163 KB920685.log 07.10.2006 13:08 16.965 KB920872.log 07.10.2006 13:08 15.304 KB919007.log 07.10.2006 13:08 10.043 KB922582.log 07.10.2006 13:07 14.848 KB925486.log 23.09.2006 19:09 58.183 wmsetup.log 23.09.2006 15:07 21.930 UnWSetup.log 15.08.2006 15:09 23 BlendSettings.ini Verzeichnis von C:\WINDOWS\Temp Verzeichnis von C:\WINDOWS\Downloaded Program Files 24.10.2006 17:15 367 LegitCheckControl.inf 11.07.2006 09:41 345.656 ewidoOnlineScan.dll 12.09.2005 12:06 65 desktop.ini 26.05.2005 04:19 293 muweb.inf 4 Datei(en) 346.381 Bytes 0 Verzeichnis(se), 23.774.609.408 Bytes frei Verzeichnis von C:\ 19.11.2006 11:45 0 sys.txt 19.11.2006 11:44 459 down.txt 19.11.2006 11:44 117 tmp.txt 19.11.2006 11:43 10.908 system.txt 19.11.2006 11:42 307 systemtemp.txt 19.11.2006 11:41 98.980 system32.txt 19.11.2006 11:39 5.659 ComboFix.txt 19.11.2006 11:32 1.072.156.672 hiberfil.sys 19.11.2006 11:32 1.610.612.736 pagefile.sys 19.11.2006 11:19 860 rapport.txt 19.11.2006 10:20 553.687 RegCleaner.exe 19.11.2006 10:19 17.253 vm404.log 19.11.2006 09:44 215.214 RootkitRevealer.zip 19.11.2006 00:47 6.469.352 avgas-setup-7.5.0.50.exe 17.11.2006 18:26 533.574 pllangs.exe 17.11.2006 18:24 2.855.080 aawsepersonal.exe 17.11.2006 17:32 8.604.464 sdsetup.exe 05.11.2006 14:09 11.795.448 antivir_workstation_win7u_de_h.exe 03.11.2006 21:36 1.021.681 1Schattenherz.zip 27.10.2006 12:21 660.131 Titan Quest v1[1].20 NO-CD Crack - No Intro Crack - TRH Release.rar 27.09.2006 10:56 3.768.889 asx-tq_v1[1].15.rar 27.09.2006 10:55 5.693.546 patchstandalone_108_to_115.exe 27.09.2006 10:51 5.093.202 patchstandalone_101_to_108.zip 27.09.2006 10:49 4.374.618 rld-tqu8.rar 27.09.2006 10:46 329.349 TQ_120_Fixed.rar 27.08.2006 16:11 381 overall_network.csv Logfile of HijackThis v1.99.1 Scan saved at 11:36:20, on 19.11.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Intel\Wireless\Bin\EvtEng.exe C:\Programme\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\AVG Anti-Spyware 7.5\guard.exe C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe C:\Programme\Intel\Wireless\Bin\OProtSvc.exe C:\Programme\Intel\Wireless\Bin\RegSrvc.exe C:\Programme\Spyware Doctor\sdhelp.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Apoint2K\Apoint.exe C:\WINDOWS\system32\TCtrlIOHook.exe C:\WINDOWS\system32\TPSMain.exe C:\Programme\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Programme\TOSHIBA\Tvs\TvsTray.exe C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Programme\Apoint2K\Apntex.exe C:\Programme\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe C:\Programme\Spyware Doctor\swdoctor.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Internet Explorer\iexplore.exe C:\antivir\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {31400A88-F005-4715-9391-4E67E550BF9C} - C:\WINDOWS\system32\ddccd.dll (file missing) O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O2 - BHO: (no name) - {F18F04B0-9CF1-4b93-B004-77A288BEE28B} - C:\WINDOWS\system32\mchwaeqr.dll (file missing) O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [HWSetup] C:\Programme\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [SVPWUTIL] C:\Programme\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [Tvs] C:\Programme\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programme\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [Sdso] "C:\PROGRA~1\SMBOLS~1\wuauboot.exe" -vt yazb O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q O4 - Startup: Microsoft Office OneNote 2003 Schnellstart.lnk = C:\Programme\Microsoft Office\OFFICE11\ONENOTEM.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\npjpi150_03.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\npjpi150_03.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra button: eBay - {D7783732-69C6-4A28-BE53-618CC4609617} - C:\Programme\Internet Explorer\Signup\ToshibaGotoEbay.exe (HKCU) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1163075880453 O20 - Winlogon Notify: ddccd - C:\WINDOWS\system32\ddccd.dll (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: IntelWireless - C:\Programme\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: wincqt32 - wincqt32.dll (file missing) O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programme\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programme\Norton Internet Security\ISSVC.exe O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programme\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programme\Spyware Doctor\sdhelp.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe Emanuel - 19.11.2006 11:37:25,65 Service Pack 2 ComboFix 06.11.9 - Running from: "C:\antivir" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Programme\Gemeinsame Dateien\Yazzle1162OinUninstaller.exe C:\WINDOWS\system32\components C:\Programme\Gemeinsame Dateien\{34B5F693-06C0-1031-0915-050915050031} C:\Programme\Gemeinsame Dateien\{F4B5F693-06C0-1031-0915-050915050031} ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Folders Quarantined: C:\QooBox\Purity\Programme\SMBOLS~1 C:\QooBox\Purity\Programme\SMBOLS~1\s?mbols C:\QooBox\Purity\Programme\SMBOLS~1\s?mbols\ctxad-501.0000 C:\QooBox\Purity\Programme\SMBOLS~1\s?mbols\ctxad-501.0001 C:\QooBox\Purity\Programme\SMBOLS~1\s?mbols\ctxad-501.0002 C:\QooBox\Purity\Programme\SMBOLS~1\s?mbols\ctxad-501.0003 C:\QooBox\Purity\Programme\SMBOLS~1\s?mbols\ctxad-501.0004 C:\QooBox\Purity\Programme\SMBOLS~1\s?mbols\ctxad-501.0005 ((((((((((((((((((((((((((((((( Files Created from 2019-10-06 to 2019.11.2006 )))))))))))))))))))))))))))))))))) No new files created in this timespan (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "TOSCDSPD"="C:\\Programme\\TOSHIBA\\TOSCDSPD\\toscdspd.exe" "Sdso"="\"C:\\PROGRA~1\\SMBOLS~1\\wuauboot.exe\" -vt yazb" "Spyware Doctor"="\"C:\\Programme\\Spyware Doctor\\swdoctor.exe\" /Q" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "AGRSMMSG"="AGRSMMSG.exe" "Apoint"="C:\\Programme\\Apoint2K\\Apoint.exe" "HWSetup"="C:\\Programme\\TOSHIBA\\TOSHIBA Applet\\HWSetup.exe hwSetUP" "SVPWUTIL"="C:\\Programme\\Toshiba\\Windows Utilities\\SVPWUTIL.exe SVPwUTIL" "TCtryIOHook"="TCtrlIOHook.exe" "TPSMain"="TPSMain.exe" "TFncKy"="TFncKy.exe" "Tvs"="C:\\Programme\\TOSHIBA\\Tvs\\TvsTray.exe" "NDSTray.exe"="NDSTray.exe" "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe" "ATIPTA"="\"C:\\Programme\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\"" "avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" "!AVG Anti-Spyware"="\"C:\\Programme\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000004 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="\"C:\\Programme\\Spyware Doctor\\swdoctor.exe\" /Q" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="\"C:\\Programme\\Spyware Doctor\\swdoctor.exe\" /Q" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccd HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wincqt32 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Registrierungserinnerung 1.job C:\WINDOWS\tasks\Symantec NetDetect.job Completion time: 19.11.2006 11:39:01,00 C:\ComboFix.txt ... 19.11.2006 11:39