WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding. If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows sometimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly. »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Logfile created on: 06.12.2006 15:34:52 WinPFind v1.5.0 Folder = C:\Dokumente und Einstellungen\Tower\Desktop\WinPFind\WinPFind\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 7.0.5730.11) »»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»» Checking %SystemDrive% folder... KavSvc 06.12.2006 11:01:06 98846 C:\system32.txt () Checking %ProgramFilesDir% folder... Checking %WinDir% folder... Checking %System% folder... aspack 18.03.2005 16:19:58 2337488 C:\WINDOWS\SYSTEM32\d3dx9_25.dll (Microsoft Corporation) aspack 26.05.2005 14:34:52 2297552 C:\WINDOWS\SYSTEM32\d3dx9_26.dll (Microsoft Corporation) aspack 22.07.2005 18:59:04 2319568 C:\WINDOWS\SYSTEM32\d3dx9_27.dll (Microsoft Corporation) aspack 05.12.2005 17:09:18 2323664 C:\WINDOWS\SYSTEM32\d3dx9_28.dll (Microsoft Corporation) aspack 03.02.2006 07:43:16 2332368 C:\WINDOWS\SYSTEM32\d3dx9_29.dll (Microsoft Corporation) aspack 31.03.2006 11:40:58 2388176 C:\WINDOWS\SYSTEM32\d3dx9_30.dll (Microsoft Corporation) PEC2 04.08.2004 13:00:00 41118 C:\WINDOWS\SYSTEM32\dfrg.msc () Umonitor 28.04.1999 14:01:12 331776 C:\WINDOWS\SYSTEM32\ipebase12.dll (Hewlett-Packard Company) KavSvc 13.12.2005 21:42:50 244 C:\WINDOWS\SYSTEM32\kavsvc.exception.log () PTech 19.06.2006 15:19:42 571184 C:\WINDOWS\SYSTEM32\LegitCheckControl.dll (Microsoft Corporation) PECompact2 16.11.2006 06:20:40 10474920 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation) aspack 16.11.2006 06:20:40 10474920 C:\WINDOWS\SYSTEM32\MRT.exe (Microsoft Corporation) aspack 04.08.2004 13:00:00 733696 C:\WINDOWS\SYSTEM32\ntdll.dll (Microsoft Corporation) WSUD 04.08.2004 13:00:00 260096 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation) Umonitor 04.08.2004 13:00:00 686592 C:\WINDOWS\SYSTEM32\rasdlg.dll (Microsoft Corporation) winsync 04.08.2004 13:00:00 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu () PTech 19.06.2006 15:19:26 304944 C:\WINDOWS\SYSTEM32\WgaTray.exe (Microsoft Corporation) Checking %System%\Drivers folder and sub-folders... Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts Checking the Windows folder and sub-folders for system and hidden files within the last 60 days... 06.12.2006 13:29:10 S 2048 C:\WINDOWS\bootstat.dat () 02.12.2006 10:56:58 H 54156 C:\WINDOWS\QTFont.qfn () 29.10.2006 18:18:04 HS 7680 C:\WINDOWS\Thumbs.db () 02.12.2006 13:08:32 H 25194 C:\WINDOWS\Help\mplayer2.GID () 27.10.2006 14:44:00 HS 10240 C:\WINDOWS\rnapxs\rnapxs.dat () 17.11.2006 18:57:16 S 42920 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie7.cat () 11.10.2006 07:28:14 S 9200 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB914440.cat () 16.10.2006 16:35:26 S 10965 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB920213.cat () 13.10.2006 13:55:34 S 10965 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923980.cat () 13.10.2006 14:32:52 S 10259 C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB924270.cat () 06.12.2006 14:03:30 H 1024 C:\WINDOWS\system32\config\default.LOG () 06.12.2006 13:29:12 H 1024 C:\WINDOWS\system32\config\SAM.LOG () 06.12.2006 13:29:56 H 1024 C:\WINDOWS\system32\config\SECURITY.LOG () 06.12.2006 15:37:16 H 1024 C:\WINDOWS\system32\config\software.LOG () 06.12.2006 13:40:20 H 1024 C:\WINDOWS\system32\config\system.LOG () 28.11.2006 14:46:00 H 1024 C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG () 18.11.2006 09:12:56 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\6864850f-f5f3-4617-9fd1-02205693b3dc () 18.11.2006 09:12:56 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred () 20.11.2006 10:05:26 HS 388 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\06123859-73ff-4818-aa79-6fa17569120b () 20.11.2006 10:05:26 HS 24 C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred () 06.12.2006 13:29:12 H 6 C:\WINDOWS\Tasks\SA.DAT () Checking for CPL files... 04.08.2004 13:00:00 70656 C:\WINDOWS\SYSTEM32\access.cpl (Microsoft Corporation) 04.08.2004 13:00:00 555008 C:\WINDOWS\SYSTEM32\appwiz.cpl (Microsoft Corporation) 04.08.2004 13:00:00 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl (Microsoft Corporation) 14.01.1999 10:48:54 26624 C:\WINDOWS\SYSTEM32\CAMCPL.CPL (FotoNation inc.) 04.08.2004 13:00:00 138240 C:\WINDOWS\SYSTEM32\desk.cpl (Microsoft Corporation) 04.08.2004 13:00:00 80384 C:\WINDOWS\SYSTEM32\firewall.cpl (Microsoft Corporation) 04.08.2004 13:00:00 157184 C:\WINDOWS\SYSTEM32\hdwwiz.cpl (Microsoft Corporation) 17.10.2006 12:05:48 1817088 C:\WINDOWS\SYSTEM32\inetcpl.cpl (Microsoft Corporation) 04.08.2004 13:00:00 133120 C:\WINDOWS\SYSTEM32\intl.cpl (Microsoft Corporation) 04.08.2004 13:00:00 381440 C:\WINDOWS\SYSTEM32\irprops.cpl (Microsoft Corporation) 04.08.2004 13:00:00 69632 C:\WINDOWS\SYSTEM32\joy.cpl (Microsoft Corporation) 10.11.2005 13:03:50 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl (Sun Microsystems, Inc.) 04.08.2004 13:00:00 189440 C:\WINDOWS\SYSTEM32\main.cpl (Microsoft Corporation) 04.08.2004 13:00:00 625152 C:\WINDOWS\SYSTEM32\mmsys.cpl (Microsoft Corporation) 04.08.2004 13:00:00 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl (Microsoft Corporation) 04.08.2004 13:00:00 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl (Microsoft Corporation) 04.08.2004 13:00:00 260096 C:\WINDOWS\SYSTEM32\nusrmgr.cpl (Microsoft Corporation) 04.08.2004 13:00:00 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl (Microsoft Corporation) 04.08.2004 13:00:00 117248 C:\WINDOWS\SYSTEM32\powercfg.cpl (Microsoft Corporation) 04.08.2004 13:00:00 303104 C:\WINDOWS\SYSTEM32\sysdm.cpl (Microsoft Corporation) 04.08.2004 13:00:00 28160 C:\WINDOWS\SYSTEM32\telephon.cpl (Microsoft Corporation) 04.08.2004 13:00:00 94208 C:\WINDOWS\SYSTEM32\timedate.cpl (Microsoft Corporation) 04.08.2004 13:00:00 148480 C:\WINDOWS\SYSTEM32\wscui.cpl (Microsoft Corporation) 26.05.2005 03:16:22 174872 C:\WINDOWS\SYSTEM32\wuaucpl.cpl (Microsoft Corporation) 04.08.2004 13:00:00 70656 C:\WINDOWS\SYSTEM32\dllcache\access.cpl (Microsoft Corporation) 04.08.2004 13:00:00 555008 C:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl (Microsoft Corporation) 04.08.2004 13:00:00 138240 C:\WINDOWS\SYSTEM32\dllcache\desk.cpl (Microsoft Corporation) 04.08.2004 13:00:00 80384 C:\WINDOWS\SYSTEM32\dllcache\firewall.cpl (Microsoft Corporation) 04.08.2004 13:00:00 157184 C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl (Microsoft Corporation) 17.10.2006 12:05:48 1817088 C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl (Microsoft Corporation) 04.08.2004 13:00:00 133120 C:\WINDOWS\SYSTEM32\dllcache\intl.cpl (Microsoft Corporation) 04.08.2004 13:00:00 69632 C:\WINDOWS\SYSTEM32\dllcache\joy.cpl (Microsoft Corporation) 04.08.2004 13:00:00 189440 C:\WINDOWS\SYSTEM32\dllcache\main.cpl (Microsoft Corporation) 04.08.2004 13:00:00 625152 C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl (Microsoft Corporation) 04.08.2004 13:00:00 35840 C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl (Microsoft Corporation) 04.08.2004 13:00:00 25600 C:\WINDOWS\SYSTEM32\dllcache\netsetup.cpl (Microsoft Corporation) 04.08.2004 13:00:00 260096 C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl (Microsoft Corporation) 04.08.2004 13:00:00 32768 C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl (Microsoft Corporation) 04.08.2004 13:00:00 117248 C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl (Microsoft Corporation) 04.08.2004 13:00:00 159744 C:\WINDOWS\SYSTEM32\dllcache\sapi.cpl (Microsoft Corporation) 04.08.2004 13:00:00 303104 C:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl (Microsoft Corporation) 04.08.2004 13:00:00 28160 C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl (Microsoft Corporation) 04.08.2004 13:00:00 94208 C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl (Microsoft Corporation) 04.08.2004 13:00:00 148480 C:\WINDOWS\SYSTEM32\dllcache\wscui.cpl (Microsoft Corporation) 26.05.2005 03:16:22 174872 C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl (Microsoft Corporation) Checking for Downloaded Program Files... {0000000A-0000-0010-8000-00AA00389B71} - - CodeBase = http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB {00000161-0000-0010-8000-00AA00389B71} - - CodeBase = http://codecs.microsoft.com/codecs/i386/msaudio.cab {0D41B8C5-2599-4893-8183-00195EC8D5F9} - asusTek_sysctrl Class - CodeBase = http://support.asus.com/common/asusTek_sys_ctrl.cab {17492023-C23A-453E-A040-C7C580BBF700} - Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 {33564D57-0000-0010-8000-00AA00389B71} - - CodeBase = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - Office Update Installation Engine - CodeBase = http://office.microsoft.com/officeupdate/content/opuc3.cab {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133200086796 {8AD9C840-044E-11D1-B3E9-00805F499D93} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - Get_ActiveX Control - CodeBase = https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} - Shockwave Flash Object - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab »»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»» Checking files in %ALLUSERSPROFILE%\Startup folder... 06.06.2006 18:10:58 1737 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Speed Launch.lnk () 25.05.2005 14:32:02 HS 84 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini () 06.12.2006 13:29:12 991 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\F-Secure 2006.lnk () 29.10.2005 12:59:20 1709 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk () 25.05.2005 14:46:56 735 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VIA RAID TOOL.lnk () 12.12.2005 20:54:46 1498 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk () Checking files in %ALLUSERSPROFILE%\Application Data folder... 25.05.2005 21:21:00 HS 62 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini () 24.09.2006 11:12:00 1755 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache () Checking files in %USERPROFILE%\Startup folder... 25.05.2005 14:32:02 HS 84 C:\Dokumente und Einstellungen\Tower\Startmenü\Programme\Autostart\desktop.ini () Checking files in %USERPROFILE%\Application Data folder... 28.05.2006 09:42:00 869 C:\Dokumente und Einstellungen\Tower\Anwendungsdaten\AdobeDLM.log () 25.05.2005 21:21:00 HS 62 C:\Dokumente und Einstellungen\Tower\Anwendungsdaten\desktop.ini () 28.05.2006 09:42:00 0 C:\Dokumente und Einstellungen\Tower\Anwendungsdaten\dm.ini () »»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»» >>> Internet Explorer Settings <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] \\Start Page - http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home \\Search Page - http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch \\Default_Page_URL - http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome \\Default_Search_URL - http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch \\Local Page - %SystemRoot%\system32\blank.htm [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main] \\Start Page - http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome \\Search Page - http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch \\Local Page - C:\WINDOWS\system32\blank.htm [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search] \\CustomizeSearch - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm \\SearchAssistant - http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] \\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Microsoft Url Search Hook = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) >>> BHO's <<< [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] \{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - AcroIEHlprObj Class = C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) \{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - SSVHelper Class = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.) >>> Internet Explorer Bars, Toolbars and Extensions <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars] \{4D5C8C25-D075-11d0-B416-00C04FB90376} - &Tipps und Tricks = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation) [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars] \{21569614-B795-46B1-85F4-E737A8DC09AD} - Shell Search Band = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) \{30D02401-6A81-11D0-8274-00C04FD5AE38} - IE Search Band = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) \{EFA24E61-B078-11D0-89E4-00C04FC9E26E} - Favorites Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation) \{EFA24E62-B078-11D0-89E4-00C04FC9E26E} - History Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation) \{EFA24E64-B078-11D0-89E4-00C04FC9E26E} - Explorer-Band = %SystemRoot%\system32\shdocvw.dll (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar] \WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Adresse = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) \WebBrowser\\{0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\CmdMapping] \\{FB5F1910-F110-11d2-BB9E-00C04F795683} - 8192 = Windows Messenger \\NEXTID - 8197 \\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 8193 = Sun Java Konsole \\{200DB664-75B5-47c0-8B45-A44ACCF73C00} - 8194 = \\{200DB664-75B5-47c0-8B45-A44ACCF73F01} - 8195 = Webfilter \\{300DB664-75B5-47c0-8B45-A44ACCF73C00} - 8196 = IE-Schutzschild... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] \{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Konsole = C:\Programme\Java\jre1.5.0_06\bin\npjpi150_06.dll (Sun Microsystems, Inc.) \{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - MenuText: Sun Java Konsole = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)(HKCU CLSID) \{200DB664-75B5-47c0-8B45-A44ACCF73C00} - ButtonText: Webfilter = \{200DB664-75B5-47c0-8B45-A44ACCF73F01} - MenuText: Webfilter = C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll (F-Secure Corporation) \{300DB664-75B5-47c0-8B45-A44ACCF73C00} - ButtonText: IE-Schutzschild = \{e2e2dd38-d088-4134-82b7-f2ba38496583} - MenuText: @xpsp3res.dll,-20001 = () \{FB5F1910-F110-11d2-BB9E-00C04F795683} - ButtonText: Messenger = C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation) >>> Approved Shell Extensions (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] \\{42071714-76d4-11d1-8b24-00a0c9068ff3} - CPL-Erweiterung für Anzeigeverschiebung = deskpan.dll () \\{764BF0E1-F219-11ce-972D-00AA00A14F56} - Shellerweiterungen für die Dateikomprimierung = () \\{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Kontextmenü für die Verschlüsselung = () \\{88895560-9AA2-1069-930E-00AA0030EBC8} - Erweiterung für HyperTerminal-Icons = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc.) \\{0DF44EAA-FF21-4412-828E-260A8728E7F1} - Taskleiste und Startmenü = () \\{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - Autoplay for SlideShow = () \\{7A9D77BD-5403-11d2-8785-2E0420524153} - Benutzerkonten = () \\{E0D79304-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.) \\{E0D79305-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.) \\{E0D79306-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.) \\{E0D79307-84BE-11CE-9641-444553540000} - WinZip = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.) \\{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - iTunes = C:\Programme\iTunes\iTunesMiniPlayer.dll (Apple Computer, Inc.) \\{C56C4E21-706D-11d0-AFC5-444553540002} - Meine Digitalkamera = C:\Programme\PhotoDeluxe HE 3.1\FotoNation Explorer\camview.dll (FotoNation Inc.) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] \\{BDEADF00-C265-11d0-BCED-00A0C90AB50F} - = C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL () >>> Context Menu Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers] \WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.) \{23814B80-52A2-11d0-BC1A-004095606CB9} - F-Secure = C:\Programme\F-Secure Internet Security\Common\fpshx.dll (F-Secure Corporation) [HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers] [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers] \WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.) [HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers] [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers] \WinZip - {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL (WinZip Computing, Inc.) \{23814B80-52A2-11d0-BC1A-004095606CB9} - F-Secure = C:\Programme\F-Secure Internet Security\Common\fpshx.dll (F-Secure Corporation) >>> Column Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers] \{F9DB5320-233E-11D1-9F84-707F02C10627} - PDF Column Info = C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.) >>> Registry Run Keys <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] NeroFilterCheck - C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) WinFast Schedule - C:\Programme\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.) FLMOFFICE4DMOUSE - C:\Programme\Office Mouse\moffice.exe () Smapp - C:\Programme\Analog Devices\SoundMAX\SMTray.exe (Analog Devices, Inc.) WMC_AutoUpdate - Reg Data missing or invalid () SunJavaUpdateSched - C:\Programme\Java\jre1.5.0_06\bin\jusched.exe (Sun Microsystems, Inc.) HPDJ Taskbar Utility - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP) TrueImageMonitor.exe - C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe (Acronis) Acronis Scheduler2 Service - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis) iTunesHelper - C:\Programme\iTunes\iTunesHelper.exe (Apple Computer, Inc.) QuickTime Task - C:\Programme\QuickTime\qttask.exe (Apple Computer, Inc.) F-Secure Manager - C:\Programme\F-Secure Internet Security\Common\FSM32.EXE (F-Secure Corporation) F-Secure TNB - C:\Programme\F-Secure Internet Security\TNB\TNBUtil.exe (F-Secure Corporation) F-Secure Startup Wizard - C:\Programme\F-Secure Internet Security\FSGUI\FSSW.EXE (F-Secure Corporation) News Service - C:\Programme\F-Secure Internet Security\FSGUI\ispnews.exe (F-Secure Corporation) MMTray - C:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.) mmtask - C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe (Musicmatch Inc.) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] IMAIL Installed = 1 MAPI Installed = 1 MSFS Installed = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] CTFMON.EXE - C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) PowerBar - Reg Data missing or invalid () PhonostarAgent - C:\Programme\phonostar\ps_agent.exe (phonostar) PhonostarTimer - C:\Programme\phonostar\ps_timer.exe (phonostar) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run] >>> Startup Links <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Common Startup] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Speed Launch.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\F-Secure 2006.lnk - C:\Programme\F-Secure Internet Security\backweb\4476822\Program\fspex.exe (F-Secure Internet Security 2005) C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk - C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VIA RAID TOOL.lnk - C:\Programme\VIA\RAID\raid_tool.exe (VIA Technologies) C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\\Startup] C:\Dokumente und Einstellungen\Tower\Startmenü\Programme\Autostart\desktop.ini () >>> MSConfig Disabled Items <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] [All Users Startup Folder Disabled Items] [Current User Startup Folder Disabled Items] >>> User Agent Post Platform <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] >>> AppInit Dll's <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs] >>> Image File Execution Options <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] \Your Image File Name Here without a path - Debugger = ntsd -d >>> Shell Service Object Delay Load <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] \\PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \\CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation) \\WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) \\SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) \\UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation) >>> Shell Execute Hooks <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] \\{AEB6717E-7E19-11d0-97EE-00C04FD91972} - URL Exec Hook = shell32.dll (Microsoft Corporation) >>> Shared Task Scheduler <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] \\{438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) \\{8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon = %SystemRoot%\system32\browseui.dll (Microsoft Corporation) >>> Winlogon <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] \\UserInit = C:\WINDOWS\system32\userinit.exe, \\Shell = Explorer.exe \\System = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] \crypt32chain - crypt32.dll = (Microsoft Corporation) \cryptnet - cryptnet.dll = (Microsoft Corporation) \cscdll - cscdll.dll = (Microsoft Corporation) \ScCertProp - wlnotify.dll = (Microsoft Corporation) \Schedule - wlnotify.dll = (Microsoft Corporation) \sclgntfy - sclgntfy.dll = (Microsoft Corporation) \SensLogn - WlNotify.dll = (Microsoft Corporation) \termsrv - wlnotify.dll = (Microsoft Corporation) \WgaLogon - WgaLogon.dll = (Microsoft Corporation) \wlballoon - wlnotify.dll = (Microsoft Corporation) >>> DNS Name Servers <<< {6AD4983D-EE03-401A-954F-852C2FDDA07A} - (802.11g USB 2.0 WLAN Dongle) >>> All Winsock2 Catalogs <<< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries] \000000000001\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation) \000000000002\\LibraryPath - %SystemRoot%\System32\winrnr.dll (Microsoft Corporation) \000000000003\\LibraryPath - %SystemRoot%\System32\mswsock.dll (Microsoft Corporation) \000000000004\\LibraryPath - C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation) \000000000005\\LibraryPath - C:\WINDOWS\system32\pnrpnsp.dll (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries] \000000000001\\PackedCatalogItem - wwinsflt.dll () \000000000002\\PackedCatalogItem - wwinsflt.dll () \000000000003\\PackedCatalogItem - wwinsflt.dll () \000000000004\\PackedCatalogItem - wwinsflt.dll () \000000000005\\PackedCatalogItem - wwinsflt.dll () \000000000006\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000007\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000008\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000009\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation) \000000000010\\PackedCatalogItem - %SystemRoot%\system32\rsvpsp.dll (Microsoft Corporation) \000000000011\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000012\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000013\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000014\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000015\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000016\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000017\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000018\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000019\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000020\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000021\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000022\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000023\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000024\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000025\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000026\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000027\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000028\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000029\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000030\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000031\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000032\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000033\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000034\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000035\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000036\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000037\\PackedCatalogItem - %SystemRoot%\system32\mswsock.dll (Microsoft Corporation) \000000000038\\PackedCatalogItem - wwinsflt.dll () >>> Protocol Handlers (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler] \ipp - () \msdaipp - () >>> Protocol Filters (Non-Microsoft Only) <<< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter] >>> Selected AddOn's <<< »»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»