Dennis - 06-12-05 20:47:03,98 Service Pack 2 ComboFix 06.11.27W - Running from: "C:\Dokumente und Einstellungen\Dennis\Desktop" ((((((((((((((((((((((((((((((( Files Created from 2006-11-05 to 2006-12-05 )))))))))))))))))))))))))))))))))) 2006-12-05 18:36 17,920 --a------ C:\WINDOWS\system32\vcehaeb.dll 2006-12-05 18:36 d-------- C:\Programme\Virus-Bursters 2006-12-05 18:35 d-------- C:\Programme\Video ActiveX Object 2006-12-05 18:15 d-------- C:\Programme\Limewire 2006-12-01 19:29 d-------- C:\Programme\Kaspersky Lab 2006-12-01 19:29 d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab 2006-12-01 19:08 d-------- C:\kaspersky 2006-11-26 19:17 332,800 --a------ C:\WINDOWS\mmfplay.exe 2006-11-26 19:17 d-------- C:\Programme\MobileMusic 2006-11-26 13:01 d-------- C:\Programme\AmazingMIDI 2006-11-23 21:07 87,040 --a------ C:\WINDOWS\UnGins.exe 2006-11-23 21:07 d-------- C:\Programme\Bubble Bobble Quest 2006-11-23 19:40 81,920 --------- C:\WINDOWS\system32\BrWebIns.dll 2006-11-23 19:40 65,536 --------- C:\WINDOWS\system32\BRWEBUP.EXE 2006-11-23 19:40 57,344 --a------ C:\WINDOWS\system32\brsvc01a.exe 2006-11-23 19:40 55,296 --------- C:\WINDOWS\system32\brinsstr.dll 2006-11-23 19:40 45,056 --a------ C:\WINDOWS\system32\brss01a.exe 2006-11-23 19:40 37,888 --a------ C:\WINDOWS\system32\BrUSi05a.dll 2006-11-23 19:40 258,048 --a------ C:\WINDOWS\system32\bsplmf01.dll 2006-11-23 19:40 188,416 --------- C:\WINDOWS\system32\PDRVINST.DLL 2006-11-23 19:40 15,295 --a------ C:\WINDOWS\system32\drivers\BrScnUsb.sys 2006-11-23 19:40 147,456 --------- C:\WINDOWS\brunin03.dll 2006-11-23 19:40 131,072 --a------ C:\WINDOWS\system32\bsplmf01.exe 2006-11-23 19:40 122,880 --------- C:\WINDOWS\system32\BrfxD05a.dll 2006-11-23 19:40 121,856 --a------ C:\WINDOWS\system32\BrWia05a.dll 2006-11-23 19:40 d-------- C:\Programme\Common Files 2006-11-23 19:40 d-------- C:\Programme\Brother 2006-11-23 19:40 d-------- C:\Brother 2006-11-23 19:36 d-------- C:\Programme\ScanSoft 2006-11-23 19:36 d-------- C:\Programme\Gemeinsame Dateien\ScanSoft Shared 2006-11-23 19:36 d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft 2006-11-23 19:36 d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallShield 2006-11-23 19:33 d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Brother 2006-11-20 23:37 d-------- C:\Programme\Opera 2006-11-20 23:37 d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Opera 2006-11-20 23:31 44,163 --a------ C:\WINDOWS\system32\drivers\btwhid.sys 2006-11-20 23:31 17,516 --a------ C:\WINDOWS\system32\drivers\frmupgr.sys 2006-11-20 23:28 d-------- C:\Dokumente und Einstellungen\Dennis\Bluetooth Software 2006-11-20 23:23 d-------- C:\Programme\Bluetooth Software 2006-11-18 18:07 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2006-11-18 15:41 d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Yahoo! Companion 2006-11-18 07:01 d-------- C:\Programme\MSXML 4.0 2006-11-17 18:44 85,504 --a------ C:\WINDOWS\system32\HtmlWH.dll 2006-11-17 18:44 d-------- C:\Elcom 2006-11-12 14:07 167,936 --a------ C:\WINDOWS\system32\TTF16FR.DLL 2006-11-12 14:07 163,840 --a------ C:\WINDOWS\system32\TTF16DE.DLL 2006-11-12 14:06 d-------- C:\Hager 2006-11-10 16:01 d-------- C:\Programme\Apple Software Update (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-01 22:00 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys 2006-12-01 22:00 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys 2006-11-26 14:50 51278 --a------ C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\wklnhst.dat 2006-11-23 19:40 -------- d--h----- C:\Programme\InstallShield Installation Information 2006-11-23 19:40 -------- d-------- C:\Programme\Gemeinsame Dateien\InstallShield 2006-11-23 19:36 -------- d-------- C:\Programme\Gemeinsame Dateien 2006-11-20 23:37 -------- d---s---- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Microsoft 2006-11-18 15:40 -------- d-------- C:\Programme\Yahoo! 2006-11-18 07:00 -------- d-------- C:\Programme\Internet Explorer 2006-11-10 16:02 -------- d-------- C:\Programme\QuickTime 2006-11-10 15:48 -------- d-------- C:\Programme\Winamp 2006-11-05 22:49 -------- d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Skype 2006-11-04 14:16 -------- d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Media Player Classic 2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll 2006-10-15 13:18 85 ---hs---- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\.zreglib 2006-10-15 13:18 -------- d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Elaborate Bytes 2006-10-15 13:16 -------- d-------- C:\Programme\CloneDVD2 2006-10-15 13:02 -------- d-------- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\SlySoft 2006-10-13 13:35 146432 --a------ C:\WINDOWS\system32\nwprovau.dll 2006-10-08 12:29 20096 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys 2006-09-13 06:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "T-Online DSL-Manager"="\"C:\\Programme\\T-Online\\DSL-Manager\\TODslMgr.exe\"" "ISDN SpeedManager"="\"C:\\PROGRA~1\\T-Online\\ISDNSP~1\\Tomcat.exe\"" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ 65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00 "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "ISDNStatus"="C:\\Programme\\Deutsche Telekom\\Teledat 220 PCI\\isdnsta.exe" "QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "SSBkgdUpdate"="\"C:\\Programme\\Gemeinsame Dateien\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot" "PaperPort PTD"="C:\\Programme\\ScanSoft\\PaperPort\\pptd40nt.exe" "IndexSearch"="C:\\Programme\\ScanSoft\\PaperPort\\IndexSearch.exe" "SetDefPrt"="C:\\Programme\\Brother\\Brmfl05a\\BrStDvPt.exe" "ControlCenter2.0"="C:\\Programme\\Brother\\ControlCenter2\\brctrcen.exe /autorun" "kav"="\"C:\\Programme\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\"" @="" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Die derzeitige Homepage" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,de,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,\ 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,de,02,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "InfoCockpit"="C:\\Programme\\T-Online\\T-Online_Software_6\\Info-Cockpit\\INFOCOCKPIT.EXE /nosplash" "T-Online_Software_6\\WLAN-Access Finder"="C:\\Programme\\T-Online\\WLAN-Access Finder\\ToWLaAcF.exe /StartMinimized" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "InfoCockpit"="C:\\Programme\\T-Online\\T-Online_Software_6\\Info-Cockpit\\INFOCOCKPIT.EXE /nosplash" "T-Online_Software_6\\WLAN-Access Finder"="C:\\Programme\\T-Online\\WLAN-Access Finder\\ToWLaAcF.exe /StartMinimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" "{9d635a36-6b3c-4146-8625-f3aaf507bbf8}"="flammei" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run] "SystemManager"="C:\\WINDOWS\\system32\\msapp32.exe" [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "flammei"="{9d635a36-6b3c-4146-8625-f3aaf507bbf8}" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "T-Online_Software_6\\WLAN-Access Finder"="C:\\Programme\\T-Online\\WLAN-Access Finder\\ToWLaAcF.exe /StartMinimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "ISDN SpeedManager"="\"C:\\PROGRA~1\\T-Online\\ISDNSP~1\\Tomcat.exe\"" "ISDNStatus"="C:\\Programme\\Deutsche Telekom\\Teledat 220 PCI\\isdnsta.exe" "iTunesHelper"="\"C:\\Programme\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mHotkey" "hkey"="HKLM" "command"="mHotkey.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dit] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dit" "hkey"="HKLM" "command"="Dit.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Klick-Wartung.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job Completion time: 06-12-05 20:49:33.26 C:\ComboFix.txt ... 06-12-05 20:49 Logfile of HijackThis v1.99.1 Scan saved at 21:10:14, on 05.12.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\netdde.exe C:\WINDOWS\Explorer.EXE C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Programme\Bluetooth Software\bin\btwdins.exe C:\DATEV\SYSTEM\PSNTSERV.EXE C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\Programme\Microsoft SQL Server\MSSQL$DATEV_CL_DE01\Binn\sqlservr.exe C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe C:\Programme\Deutsche Telekom\Teledat 220 PCI\rvscn.exe C:\Programme\Teledat\WCOM\SYSTEM\RVSINST.EXE C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Teledat\WCOM\SYSTEM\RVSCC.EXE C:\Programme\T-Online\DSL-Manager\TODslMgr.exe C:\PROGRA~1\T-Online\ISDNSP~1\Tomcat.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programme\Deutsche Telekom\Teledat 220 PCI\isdnsta.exe C:\Programme\QuickTime\qttask.exe C:\Programme\ScanSoft\PaperPort\pptd40nt.exe C:\Programme\Brother\ControlCenter2\brctrcen.exe C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe C:\Programme\Brother\Brmfcmon\BrMfcmon.exe C:\Programme\T-Online\DSL-Manager\TODslSvc.exe C:\Programme\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Programme\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe C:\Programme\Nero\Nero 7\Core\nero.exe C:\Programme\Gemeinsame Dateien\Ahead\lib\NMIndexStoreSvr.exe C:\Dokumente und Einstellungen\Dennis\Desktop\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.medion.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Hilfsobjekt für Encarta Web-Begleiter - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Encarta Web-Begleiter - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Protection Bar - {96ebbe6a-2864-4345-b32b-26ee9be524b5} - C:\Programme\Video ActiveX Object\iesplugin.dll O4 - HKLM\..\Run: [T-Online DSL-Manager] "C:\Programme\T-Online\DSL-Manager\TODslMgr.exe" O4 - HKLM\..\Run: [ISDN SpeedManager] "C:\PROGRA~1\T-Online\ISDNSP~1\Tomcat.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [ISDNStatus] C:\Programme\Deutsche Telekom\Teledat 220 PCI\isdnsta.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [kav] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra button: MedionShop - {82DEF876-14E4-4CE5-9CA4-DE79A2EE46D2} - http://www.medionshop.de/ (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {3DF6983D-D415-4AE5-8106-43987731DAA5} (AldiActiveFormX Element) - https://shop.aldi-fotoservice-druck.de/shop/activex/aldi_nord_express_upload.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4881/mcfscan.cab O18 - Protocol: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - C:\WINDOWS\system32\vcehaeb.dll O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\Bluetooth Software\bin\btwdins.exe O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: DATEV Druckservice (DatevPrintService) - DATEV eG - C:\DATEV\SYSTEM\PSNTSERV.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: T-Online WLAN Adapter Steuerungsdienst (MZCCntrl) - T-Online International AG, Marmiko IT-Solutions GmbH - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe O23 - Service: RVS CommCenter (RvsCC) - Unknown owner - C:\Programme\Teledat\WCOM\SYSTEM\RVSCC.EXE O23 - Service: RVS Dialer Protection (rvscn) - Living Byte Software GmbH, München - C:\Programme\Deutsche Telekom\Teledat 220 PCI\rvscn.exe O23 - Service: RvscomSv - Living Byte Software GmbH, München - C:\Programme\Teledat\WCOM\SYSTEM\RVSCOMSV.EXE O23 - Service: RVS Installer (RVSINST) - Living Byte Software GmbH, München - C:\Programme\Teledat\WCOM\SYSTEM\RVSINST.EXE O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe