HIJACKTHIS STARTUP ABGESICHERT

StartupList report, 20.02.2007, 19:06:07
StartupList version: 1.52.2
Started from : C:\Dokumente und Einstellungen\BP\Desktop\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Dokumente und Einstellungen\BP\Desktop\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Dokumente und Einstellungen\BP\Startmenü\Programme\Autostart]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart]
Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Digital Line Detect.lnk = ?
G DATA Firewall Tray.lnk = ?
Post-it® Software Notes Lite.lnk = C:\Programme\PSNLite\PsnLite.exe
Program Neighborhood Agent.lnk = C:\Programme\Citrix\ICA Client\pnagent.exe
VPN Client.lnk = ?

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ehTray = C:\WINDOWS\ehome\ehtray.exe
Apoint = C:\Programme\Apoint\Apoint.exe
SunJavaUpdateSched = C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
ATIPTA = "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
(Default) = 
IntelWireless = C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
ISUSPM Startup = C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
ISUSScheduler = "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
adiras = adiras.exe
AVKTray = "C:\Programme\AntiVirenKit InternetSecurity\AVKTray\AVKTray.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MSMSGS = "C:\Programme\Messenger\msmsgs.exe" /background
DrvMon.exe = C:\WINDOWS\system32\DrvMon.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

ICQ Lite = C:\Programme\ICQLite\ICQLite.exe -trayboot

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[KB910393] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{407408d4-94ed-4d86-ab69-a7f649d112ee}] *
StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registrierungs-Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

G DATA WebFilter Class - C:\Programme\AntiVirenKit InternetSecurity\Webfilter\AvkWebIE.dll - {0124123D-61B4-456f-AF86-78C53A0790C5}
(no name) - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Programme\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll - {AE7CD045-E861-484f-8273-0445EE161910}

--------------------------------------------------

Enumerating Task Scheduler jobs:

ISP-Anmeldungserinnerung 1.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[QuickTime Object]
InProcServer32 = C:\Programme\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

[Silverwire Image Uploader 3.0 Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ImageUploader3.ocx
CODEBASE = http://www.fotowire.com/download/client/uploader/ImageUploader3.cab

[Java Plug-in]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Photo Uploader Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\PhotoUploader.ocx
CODEBASE = http://www.studivz.net/lib/photouploader/PhotoUploader.cab

[GetInfo.MainClass]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\GetInfo.dll
CODEBASE = https://www.bppassport.com/diligent/GetInfo.cab

[Java Plug-in]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

[Java Plug-in]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Java Plug-in 1.5.0_06]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\npjpi150_06.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

abp480n5: \SystemRoot\system32\DRIVERS\ABP480N5.SYS (disabled)
Microsoft ACPI-Treiber: system32\DRIVERS\ACPI.sys (system)
actser: system32\drivers\actser.sys (manual start)
General Purpose USB Driver (adildr.sys): System32\Drivers\adildr.sys (autostart)
AT-AR215 USB ADSL Modem: system32\DRIVERS\adiusbaw.sys (manual start)
Adobe LM Service: "C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe" (disabled)
adpu160m: \SystemRoot\system32\DRIVERS\adpu160m.sys (disabled)
Microsoft Kernel-Echounterdrückung: system32\drivers\aec.sys (manual start)
AEGIS Protocol (IEEE 802.1x) v3.1.0.1: system32\DRIVERS\AegisP.sys (autostart)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Intel AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\agp440.sys (disabled)
Compaq AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\agpCPQ.sys (disabled)
Aha154x: \SystemRoot\system32\DRIVERS\aha154x.sys (disabled)
aic78u2: \SystemRoot\system32\DRIVERS\aic78u2.sys (disabled)
aic78xx: \SystemRoot\system32\DRIVERS\aic78xx.sys (disabled)
Warndienst: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Gatewaydienst auf Anwendungsebene: %SystemRoot%\System32\alg.exe (manual start)
AliIde: \SystemRoot\system32\DRIVERS\aliide.sys (disabled)
ALI AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\alim1541.sys (disabled)
AMD AGP-Bus-Filtertreiber: \SystemRoot\system32\DRIVERS\amdagp.sys (disabled)
amsint: \SystemRoot\system32\DRIVERS\amsint.sys (disabled)
Alps Touch Pad Filter Driver for Windows 2000/XP: system32\DRIVERS\Apfiltr.sys (manual start)
APPDRV: \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS (system)
Anwendungsverwaltung: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394-ARP-Clientprotokoll: system32\DRIVERS\arp1394.sys (manual start)
asc: \SystemRoot\system32\DRIVERS\asc.sys (disabled)
asc3350p: \SystemRoot\system32\DRIVERS\asc3350p.sys (disabled)
asc3550: \SystemRoot\system32\DRIVERS\asc3550.sys (disabled)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
Asynchroner RAS -Medientreiber: system32\DRIVERS\asyncmac.sys (manual start)
Standard-IDE/ESDI-Festplattencontroller: system32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
Protokoll für ATM ARP-Client: system32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audiostubtreiber: system32\DRIVERS\audstub.sys (manual start)
Automatisches LiveUpdate - Scheduler: "C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (autostart)
AVKProxy: "C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe" (autostart)
AVK Service: "C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKService.exe" (autostart)
AVK Wächter: "C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKWCtl.exe" (autostart)
Broadcom 440x 10/100 Integrated Controller XP Driver: system32\DRIVERS\bcm4sbxp.sys (manual start)
Intelligenter Hintergrundübertragungsdienst: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Computerbrowser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
cbidf: \SystemRoot\system32\DRIVERS\cbidf2k.sys (disabled)
cd20xrnt: \SystemRoot\system32\DRIVERS\cd20xrnt.sys (disabled)
CD-ROM-Laufwerktreiber: system32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
Ablagemappe: %SystemRoot%\system32\clipsrv.exe (disabled)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Symantec Lic NetConnect service: "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (autostart)
Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie: system32\DRIVERS\CmBatt.sys (manual start)
CmdIde: \SystemRoot\system32\DRIVERS\cmdide.sys (disabled)
Microsoft Composite Battery-Treiber: system32\DRIVERS\compbatt.sys (system)
COM+-Systemanwendung: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cpqarray: \SystemRoot\system32\DRIVERS\cpqarray.sys (disabled)
Kryptografiedienste: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Cisco Systems VPN Adapter: system32\DRIVERS\CVirtA.sys (manual start)
Cisco Systems, Inc. VPN Service: "C:\Programme\Cisco Systems\VPN Client\cvpnd.exe" (autostart)
Cisco Systems Inc. IPSec Driver: \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys (autostart)
dac2w2k: \SystemRoot\system32\DRIVERS\dac2w2k.sys (disabled)
dac960nt: \SystemRoot\system32\DRIVERS\dac960nt.sys (disabled)
DCOM-Server-Prozessstart: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP-Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Laufwerktreiber: system32\DRIVERS\disk.sys (system)
Verwaltungsdienst für die Verwaltung logischer Datenträger: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Treiber für die Verwaltung logischer Datenträger: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (disabled)
Verwaltung logischer Datenträger: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Kernel-DLS-Synthesizer: system32\drivers\DMusic.sys (manual start)
Deterministic Network Enhancer Miniport: system32\DRIVERS\dne2000.sys (manual start)
DNS-Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
MS IEEE-1284.4-Treiber: system32\DRIVERS\Dot4.sys (manual start)
Druckerklassentreiber für IEEE-1284.4: system32\DRIVERS\Dot4Prt.sys (manual start)
Dot4USB-Filter Dot4USB Filter: system32\DRIVERS\dot4usb.sys (manual start)
dpti2o: \SystemRoot\system32\DRIVERS\dpti2o.sys (disabled)
Microsoft Kernel-DRM-Audioentschlüsselung: system32\drivers\drmkaud.sys (manual start)
Intel(R) PRO-Adaptertreiber: system32\DRIVERS\e100b325.sys (manual start)
Egatebus: system32\drivers\egatebus.sys (manual start)
Egatecard: System32\Drivers\egate.sys (manual start)
Egaterdr: system32\drivers\egaterdr.sys (manual start)
Media Center Receiver Service: C:\WINDOWS\eHome\ehRecvr.exe (autostart)
Media Center-Planerdienst: C:\WINDOWS\eHome\ehSched.exe (autostart)
Fehlerberichterstattungsdienst: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Ereignisprotokoll: %SystemRoot%\system32\services.exe (autostart)
COM+-Ereignissystem: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
EvtEng: C:\Programme\Intel\Wireless\Bin\EvtEng.exe (autostart)
Kompatibilität für schnelle Benutzerumschaltung: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (autostart)
Diskettencontrollertreiber: system32\DRIVERS\fdc.sys (manual start)
Diskettenlaufwerktreiber: system32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
Treiber für Volume-Manager: system32\DRIVERS\ftdisk.sys (system)
G DATA Personal Firewall: C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFwSvc.exe (manual start)
GDInterceptor: \??\C:\WINDOWS\system32\interceptor.sys (manual start)
GDNdisIc: system32\drivers\GDNdisIc.sys (system)
GDTdiInterceptor: \??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (autostart)
gmer: System32\DRIVERS\gmer.sys (manual start)
Standardpaketklassifizierung: system32\DRIVERS\msgpc.sys (manual start)
Hilfe und Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft HID Class-Treiber: system32\DRIVERS\hidusb.sys (manual start)
HookCentre: \??\C:\WINDOWS\system32\drivers\HookCentre.sys (manual start)
hpn: \SystemRoot\system32\DRIVERS\hpn.sys (disabled)
HSFHWICH: system32\DRIVERS\HSFHWICH.sys (manual start)
HSF_DP: system32\DRIVERS\HSF_DP.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP-SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i2omp: \SystemRoot\system32\DRIVERS\i2omp.sys (disabled)
i8042-Tastatur- und PS/2-Mausanschluss-Treiber: system32\DRIVERS\i8042prt.sys (system)
InstallDriver Table Manager: "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
Filtertreiber für CD-Brennen: system32\DRIVERS\imapi.sys (system)
IMAPI-CD-Brenn-COM-Dienste: C:\WINDOWS\system32\imapi.exe (manual start)
InCD File System: system32\drivers\InCDFs.sys (disabled)
InCDPass: system32\drivers\InCDPass.sys (system)
InCD Reader: system32\drivers\InCDRm.sys (system)
ini910u: \SystemRoot\system32\DRIVERS\ini910u.sys (disabled)
IntelIde: system32\DRIVERS\intelide.sys (system)
Intel-Prozessortreiber: system32\DRIVERS\intelppm.sys (system)
IPv6-Windows-Firewalltreiber: system32\DRIVERS\Ip6Fw.sys (manual start)
Filtertreiber für IP-Verkehr: system32\DRIVERS\ipfltdrv.sys (manual start)
IP/IP-Tunneltreiber: system32\DRIVERS\ipinip.sys (manual start)
Übersetzer für IP-Netzwerkadressen: system32\DRIVERS\ipnat.sys (manual start)
IPSEC-Treiber: system32\DRIVERS\ipsec.sys (system)
IR-Enumeratordienst: system32\DRIVERS\irenum.sys (manual start)
PnP-ISA/EISA-Bus-Treiber: system32\DRIVERS\isapnp.sys (system)
Intel Wireless Connection Agent Miniport for Win XP: system32\DRIVERS\iwca.sys (manual start)
Tastaturklassentreiber: system32\DRIVERS\kbdclass.sys (system)
Tastatur-HID-Treiber: system32\DRIVERS\kbdhid.sys (system)
Microsoft Kernel-Waveaudiomixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Arbeitsstationsdienst: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
LiveUpdate: "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" (manual start)
TCP/IP-NetBIOS-Hilfsprogramm: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Media Center Extender Service: C:\WINDOWS\ehome\mcrdsvc.exe (autostart)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
Nachrichtendienst: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
MHN: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
MHN-Treiber: system32\DRIVERS\mhndrv.sys (manual start)
NetMeeting-Remotedesktop-Freigabe: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Mausklassentreiber: system32\DRIVERS\mouclass.sys (system)
Maus-HID-Treiber: system32\DRIVERS\mouhid.sys (manual start)
mraid35x: \SystemRoot\system32\DRIVERS\mraid35x.sys (disabled)
Redirector für WebDav-Client: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Proxy für Streaming Clock: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Proxy für Streaming Quality Manager: system32\drivers\MSPQM.sys (manual start)
Microsoft-Systemverwaltungs-BIOS-Treiber: system32\DRIVERS\mssmbios.sys (manual start)
RAS-NDIS-TAPI-Treiber: system32\DRIVERS\ndistapi.sys (manual start)
NDIS-Benutzermodus-E/A-Protokoll: system32\DRIVERS\ndisuio.sys (manual start)
RAS-NDIS-WAN-Treiber: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS-Schnittstelle: system32\DRIVERS\netbios.sys (system)
NetBios über TCP/IP: system32\DRIVERS\netbt.sys (system)
Netzwerk-DDE-Dienst: %SystemRoot%\system32\netdde.exe (disabled)
Netzwerk-DDE-Serverdienst: %SystemRoot%\system32\netdde.exe (disabled)
Anmeldedienst: %SystemRoot%\system32\lsass.exe (manual start)
Netzwerkverbindungen: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
1394-Netzwerktreiber: system32\DRIVERS\nic1394.sys (manual start)
NICCONFIGSVC: C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe (autostart)
NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
NSNDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\NSNDIS5.SYS (manual start)
NT-LM-Sicherheitsdienst: %SystemRoot%\system32\lsass.exe (manual start)
Wechselmedien: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
nv: system32\DRIVERS\nv4_mini.sys (manual start)
Filtertreiber für IPX-Verkehr: system32\DRIVERS\nwlnkflt.sys (manual start)
Treiber für IPX-Verkehrsweiterleitung: system32\DRIVERS\nwlnkfwd.sys (manual start)
OHCI-konformer IEEE 1394-Hostcontroller: system32\DRIVERS\ohci1394.sys (system)
OMCI WDM Device Driver: system32\DRIVERS\omci.sys (system)
Office Source Engine: "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
Treiber für parallelen Anschluss: system32\DRIVERS\parport.sys (manual start)
PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCAMPR5.SYS (manual start)
PCI-Bus-Treiber: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
Pcmcia: system32\DRIVERS\pcmcia.sys (system)
ProDyne DSL Adapter: system32\DRIVERS\PDDSLADP.SYS (manual start)
PEEK5 Protocol Driver: \??\C:\PROGRA~1\WILDPA~1\AIROPE~1\PEEK5.SYS (manual start)
perc2: \SystemRoot\system32\DRIVERS\perc2.sys (disabled)
perc2hib: \SystemRoot\system32\DRIVERS\perc2hib.sys (disabled)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug & Play: %SystemRoot%\system32\services.exe (autostart)
Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (manual start)
IPSEC-Dienste: %SystemRoot%\system32\lsass.exe (autostart)
WAN-Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Geschützter Speicher: %SystemRoot%\system32\lsass.exe (autostart)
QoS-Paketplaner: system32\DRIVERS\psched.sys (manual start)
Treiber für direkte Parallelverbindung: system32\DRIVERS\ptilink.sys (manual start)
ql1080: \SystemRoot\system32\DRIVERS\ql1080.sys (disabled)
Ql10wnt: \SystemRoot\system32\DRIVERS\ql10wnt.sys (disabled)
ql12160: \SystemRoot\system32\DRIVERS\ql12160.sys (disabled)
ql1240: \SystemRoot\system32\DRIVERS\ql1240.sys (disabled)
ql1280: \SystemRoot\system32\DRIVERS\ql1280.sys (disabled)
Treiber für automatische RAS-Verbindung: system32\DRIVERS\rasacd.sys (system)
Verwaltung für automatische RAS-Verbindung: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN-Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
RAS-Verbindungsverwaltung: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remotezugriff-PPPOE-Treiber: system32\DRIVERS\raspppoe.sys (manual start)
Parallelanschluss (direkt): system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Treiber für Terminalserver-Geräteumleitung: system32\DRIVERS\rdpdr.sys (manual start)
Sitzungs-Manager für Remotedesktophilfe: C:\WINDOWS\system32\sessmgr.exe (manual start)
Filtertreiber für digitale CD-Audiowiedergabe: system32\DRIVERS\redbook.sys (system)
RegSrvc: C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (autostart)
Routing und RAS: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Remote-Registrierung: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Microsoft Legacy Modem Driver: System32\Drivers\RootMdm.sys (manual start)
RPC-Locator: %SystemRoot%\system32\locator.exe (manual start)
Remoteprozeduraufruf (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS-RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Spectrum24 Event Monitor: C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (autostart)
WLAN Transport: system32\DRIVERS\s24trans.sys (autostart)
Sicherheitskontenverwaltung: %SystemRoot%\system32\lsass.exe (autostart)
Smartcard: %SystemRoot%\System32\SCardSvr.exe (autostart)
Taskplaner: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
sdbus: system32\DRIVERS\sdbus.sys (manual start)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Sekundäre Anmeldung: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Systemereignisbenachrichtigung: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum-Filtertreiber: system32\DRIVERS\serenum.sys (manual start)
Treiber für seriellen Anschluss: system32\DRIVERS\serial.sys (system)
SFF-Speicherklassentreiber: system32\DRIVERS\sffdisk.sys (manual start)
SFF-Speicherprotokolltreiber für SDBus: system32\DRIVERS\sffp_sd.sys (manual start)
High-Capacity-Diskettenlaufwerk: system32\DRIVERS\sfloppy.sys (manual start)
Windows-Firewall/Gemeinsame Nutzung der Internetverbindung: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Shellhardwareerkennung: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SIS AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\sisagp.sys (disabled)
Sparrow: \SystemRoot\system32\DRIVERS\sparrow.sys (disabled)
Microsoft Kernel-Audiosplitter: system32\drivers\splitter.sys (manual start)
Druckwarteschlange: %SystemRoot%\system32\spoolsv.exe (autostart)
sptd: System32\Drivers\sptd.sys (system)
Filtertreiber für Systemwiederherstellung: \SystemRoot\system32\DRIVERS\sr.sys (disabled)
Systemwiederherstellungsdienst: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
SigmaTel C-Major Audio: system32\drivers\STAC97.sys (manual start)
Windows-Bilderfassung (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
Software-Bus-Treiber: system32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetablesynthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{179F4715-E4EF-48B5-A7EF-7B0D4ECD944C} (manual start)
symc810: \SystemRoot\system32\DRIVERS\symc810.sys (disabled)
symc8xx: \SystemRoot\system32\DRIVERS\symc8xx.sys (disabled)
sym_hi: \SystemRoot\system32\DRIVERS\sym_hi.sys (disabled)
sym_u3: \SystemRoot\system32\DRIVERS\sym_u3.sys (disabled)
Microsoft Kernel-Systemaudiogerät: system32\drivers\sysaudio.sys (manual start)
Leistungsdatenprotokolle und Warnungen: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telefonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP-Protokolltreiber: system32\DRIVERS\tcpip.sys (system)
Terminal-Gerätetreiber: system32\DRIVERS\termdd.sys (system)
Terminaldienste: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Designs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
TOSHIBA Bluetooth HID port driver: system32\drivers\Toshidpt.sys (manual start)
TosIde: \SystemRoot\system32\DRIVERS\toside.sys (disabled)
Bluetooth Port Driver from Toshiba: system32\DRIVERS\tosporte.sys (manual start)
Bluetooth RFBUS from TOSHIBA: System32\Drivers\tosrfbd.sys (manual start)
Bluetooth RFBNEP from TOSHIBA: System32\Drivers\tosrfbnp.sys (manual start)
Bluetooth RFCOMM from TOSHIBA: System32\Drivers\tosrfcom.sys (system)
Bluetooth RFHID from TOSHIBA: system32\DRIVERS\Tosrfhid.sys (manual start)
Bluetooth Personal Area Network from TOSHIBA: system32\DRIVERS\tosrfnds.sys (manual start)
Bluetooth Audio Device (WDM) from TOSHIBA: system32\drivers\TosRfSnd.sys (manual start)
Bluetooth USB Controller: System32\Drivers\tosrfusb.sys (manual start)
Überwachung verteilter Verknüpfungen (Client): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
ultra: \SystemRoot\system32\DRIVERS\ultra.sys (disabled)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (manual start)
Microcode Updatetreiber: system32\DRIVERS\update.sys (manual start)
Universeller Plug & Play-Gerätehost: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
USB-Audiotreiber (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft Standard-USB-Haupttreiber: system32\DRIVERS\usbccgp.sys (manual start)
Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller: system32\DRIVERS\usbehci.sys (manual start)
Microsoft USB-Standardhubtreiber: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB-Druckerklasse: system32\DRIVERS\usbprint.sys (manual start)
USB-Scannertreiber: system32\DRIVERS\usbscan.sys (manual start)
USB-Massenspeichertreiber: system32\DRIVERS\USBSTOR.SYS (manual start)
Miniporttreiber für universellen Microsoft USB-Hostcontroller: system32\DRIVERS\usbuhci.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\viaagp.sys (disabled)
ViaIde: \SystemRoot\system32\DRIVERS\viaide.sys (disabled)
vsdatant: \??\C:\WINDOWS\system32\vsdatant.sys (manual start)
Volumeschattenkopie: %SystemRoot%\System32\vssvc.exe (manual start)
Intel(R) PRO/Wireless 2200BG Netzwerkverbindungstreiber für Windows XP: system32\DRIVERS\w29n51.sys (manual start)
Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
RAS-IP-ARP-Treiber: system32\DRIVERS\wanarp.sys (manual start)
Treiber für Microsoft WINMM-WDM-Audiokompatibilität: system32\drivers\wdmaud.sys (manual start)
Webclient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
winachsf: system32\DRIVERS\HSF_CNXT.sys (manual start)
Windows-Verwaltungsinstrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
WLANKEEPER: C:\Programme\Intel\Wireless\Bin\WLKeeper.exe (autostart)
Dienst für Seriennummern der tragbaren Medien: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Treibererweiterungen für Windows-Verwaltungsinstrumentation: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI-Leistungsadapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
WildPackets Symbol-OEM Wireless LAN Card Driver: system32\DRIVERS\WPSYM24.sys (manual start)
Sicherheitscenter: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Automatische Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Konfigurationsfreie drahtlose Verbindung: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Netzwerkversorgungsdienst: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
X-Micro WLAN 11g USB Adapter(X-Micro): system32\DRIVERS\zd1211u.sys (manual start)
ZDBRGSYS NDIS Protocol Driver: \??\C:\WINDOWS\system32\ZDBRGSYS.SYS (manual start)
ZDPNDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\ZDPNDIS5.SYS (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 41.722 bytes
Report generated in 0,360 seconds

Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only




HIJACKTHIS STARTUP NORMAL

StartupList report, 20.02.2007, 19:10:45
StartupList version: 1.52.2
Started from : C:\Dokumente und Einstellungen\BP\Desktop\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Programme\Apoint\Apoint.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\AntiVirenKit InternetSecurity\AVKTray\AVKTray.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Programme\Digital Line Detect\DLG.exe
C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFirewallTray.exe
C:\Programme\Citrix\ICA Client\pnagent.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKService.exe
C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKWCtl.exe
C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFwSvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programme\AntiVirenKit InternetSecurity\Firewall\Admin.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\BP\Desktop\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Dokumente und Einstellungen\BP\Startmenü\Programme\Autostart]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart]
Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Digital Line Detect.lnk = ?
G DATA Firewall Tray.lnk = ?
Post-it® Software Notes Lite.lnk = C:\Programme\PSNLite\PsnLite.exe
Program Neighborhood Agent.lnk = C:\Programme\Citrix\ICA Client\pnagent.exe
VPN Client.lnk = ?

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ehTray = C:\WINDOWS\ehome\ehtray.exe
Apoint = C:\Programme\Apoint\Apoint.exe
SunJavaUpdateSched = C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
ATIPTA = "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
(Default) = 
IntelWireless = C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
ISUSPM Startup = C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
ISUSScheduler = "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
adiras = adiras.exe
AVKTray = "C:\Programme\AntiVirenKit InternetSecurity\AVKTray\AVKTray.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MSMSGS = "C:\Programme\Messenger\msmsgs.exe" /background
DrvMon.exe = C:\WINDOWS\system32\DrvMon.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[KB910393] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{407408d4-94ed-4d86-ab69-a7f649d112ee}] *
StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registrierungs-Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

G DATA WebFilter Class - C:\Programme\AntiVirenKit InternetSecurity\Webfilter\AvkWebIE.dll - {0124123D-61B4-456f-AF86-78C53A0790C5}
(no name) - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Programme\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll - {AE7CD045-E861-484f-8273-0445EE161910}

--------------------------------------------------

Enumerating Task Scheduler jobs:

ISP-Anmeldungserinnerung 1.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[QuickTime Object]
InProcServer32 = C:\Programme\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

[Silverwire Image Uploader 3.0 Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ImageUploader3.ocx
CODEBASE = http://www.fotowire.com/download/client/uploader/ImageUploader3.cab

[Java Plug-in]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Photo Uploader Control]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\PhotoUploader.ocx
CODEBASE = http://www.studivz.net/lib/photouploader/PhotoUploader.cab

[GetInfo.MainClass]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\GetInfo.dll
CODEBASE = https://www.bppassport.com/diligent/GetInfo.cab

[Java Plug-in]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

[Java Plug-in]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

[Java Plug-in 1.5.0_06]
InProcServer32 = C:\Programme\Java\jre1.5.0_06\bin\npjpi150_06.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Protocol #21: C:\WINDOWS\system32\mswsock.dll
Protocol #22: C:\WINDOWS\system32\mswsock.dll
Protocol #23: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

abp480n5: \SystemRoot\system32\DRIVERS\ABP480N5.SYS (disabled)
Microsoft ACPI-Treiber: system32\DRIVERS\ACPI.sys (system)
actser: system32\drivers\actser.sys (manual start)
General Purpose USB Driver (adildr.sys): System32\Drivers\adildr.sys (autostart)
AT-AR215 USB ADSL Modem: system32\DRIVERS\adiusbaw.sys (manual start)
Adobe LM Service: "C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe" (disabled)
adpu160m: \SystemRoot\system32\DRIVERS\adpu160m.sys (disabled)
Microsoft Kernel-Echounterdrückung: system32\drivers\aec.sys (manual start)
AEGIS Protocol (IEEE 802.1x) v3.1.0.1: system32\DRIVERS\AegisP.sys (autostart)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Intel AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\agp440.sys (disabled)
Compaq AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\agpCPQ.sys (disabled)
Aha154x: \SystemRoot\system32\DRIVERS\aha154x.sys (disabled)
aic78u2: \SystemRoot\system32\DRIVERS\aic78u2.sys (disabled)
aic78xx: \SystemRoot\system32\DRIVERS\aic78xx.sys (disabled)
Warndienst: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Gatewaydienst auf Anwendungsebene: %SystemRoot%\System32\alg.exe (manual start)
AliIde: \SystemRoot\system32\DRIVERS\aliide.sys (disabled)
ALI AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\alim1541.sys (disabled)
AMD AGP-Bus-Filtertreiber: \SystemRoot\system32\DRIVERS\amdagp.sys (disabled)
amsint: \SystemRoot\system32\DRIVERS\amsint.sys (disabled)
Alps Touch Pad Filter Driver for Windows 2000/XP: system32\DRIVERS\Apfiltr.sys (manual start)
APPDRV: \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS (system)
Anwendungsverwaltung: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394-ARP-Clientprotokoll: system32\DRIVERS\arp1394.sys (manual start)
asc: \SystemRoot\system32\DRIVERS\asc.sys (disabled)
asc3350p: \SystemRoot\system32\DRIVERS\asc3350p.sys (disabled)
asc3550: \SystemRoot\system32\DRIVERS\asc3550.sys (disabled)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
Asynchroner RAS -Medientreiber: system32\DRIVERS\asyncmac.sys (manual start)
Standard-IDE/ESDI-Festplattencontroller: system32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
Protokoll für ATM ARP-Client: system32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audiostubtreiber: system32\DRIVERS\audstub.sys (manual start)
Automatisches LiveUpdate - Scheduler: "C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe" (autostart)
AVKProxy: "C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe" (autostart)
AVK Service: "C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKService.exe" (autostart)
AVK Wächter: "C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKWCtl.exe" (autostart)
Broadcom 440x 10/100 Integrated Controller XP Driver: system32\DRIVERS\bcm4sbxp.sys (manual start)
Intelligenter Hintergrundübertragungsdienst: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Computerbrowser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
cbidf: \SystemRoot\system32\DRIVERS\cbidf2k.sys (disabled)
cd20xrnt: \SystemRoot\system32\DRIVERS\cd20xrnt.sys (disabled)
CD-ROM-Laufwerktreiber: system32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
Ablagemappe: %SystemRoot%\system32\clipsrv.exe (disabled)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Symantec Lic NetConnect service: "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (autostart)
Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie: system32\DRIVERS\CmBatt.sys (manual start)
CmdIde: \SystemRoot\system32\DRIVERS\cmdide.sys (disabled)
Microsoft Composite Battery-Treiber: system32\DRIVERS\compbatt.sys (system)
COM+-Systemanwendung: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cpqarray: \SystemRoot\system32\DRIVERS\cpqarray.sys (disabled)
Kryptografiedienste: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Cisco Systems VPN Adapter: system32\DRIVERS\CVirtA.sys (manual start)
Cisco Systems, Inc. VPN Service: "C:\Programme\Cisco Systems\VPN Client\cvpnd.exe" (autostart)
Cisco Systems Inc. IPSec Driver: \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys (autostart)
dac2w2k: \SystemRoot\system32\DRIVERS\dac2w2k.sys (disabled)
dac960nt: \SystemRoot\system32\DRIVERS\dac960nt.sys (disabled)
DCOM-Server-Prozessstart: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP-Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Laufwerktreiber: system32\DRIVERS\disk.sys (system)
Verwaltungsdienst für die Verwaltung logischer Datenträger: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Treiber für die Verwaltung logischer Datenträger: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (disabled)
Verwaltung logischer Datenträger: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Kernel-DLS-Synthesizer: system32\drivers\DMusic.sys (manual start)
Deterministic Network Enhancer Miniport: system32\DRIVERS\dne2000.sys (manual start)
DNS-Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
MS IEEE-1284.4-Treiber: system32\DRIVERS\Dot4.sys (manual start)
Druckerklassentreiber für IEEE-1284.4: system32\DRIVERS\Dot4Prt.sys (manual start)
Dot4USB-Filter Dot4USB Filter: system32\DRIVERS\dot4usb.sys (manual start)
dpti2o: \SystemRoot\system32\DRIVERS\dpti2o.sys (disabled)
Microsoft Kernel-DRM-Audioentschlüsselung: system32\drivers\drmkaud.sys (manual start)
Intel(R) PRO-Adaptertreiber: system32\DRIVERS\e100b325.sys (manual start)
Egatebus: system32\drivers\egatebus.sys (manual start)
Egatecard: System32\Drivers\egate.sys (manual start)
Egaterdr: system32\drivers\egaterdr.sys (manual start)
Media Center Receiver Service: C:\WINDOWS\eHome\ehRecvr.exe (autostart)
Media Center-Planerdienst: C:\WINDOWS\eHome\ehSched.exe (autostart)
Fehlerberichterstattungsdienst: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Ereignisprotokoll: %SystemRoot%\system32\services.exe (autostart)
COM+-Ereignissystem: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
EvtEng: C:\Programme\Intel\Wireless\Bin\EvtEng.exe (autostart)
Kompatibilität für schnelle Benutzerumschaltung: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (autostart)
Diskettencontrollertreiber: system32\DRIVERS\fdc.sys (manual start)
Diskettenlaufwerktreiber: system32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
Treiber für Volume-Manager: system32\DRIVERS\ftdisk.sys (system)
G DATA Personal Firewall: C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFwSvc.exe (manual start)
GDInterceptor: \??\C:\WINDOWS\system32\interceptor.sys (manual start)
GDNdisIc: system32\drivers\GDNdisIc.sys (system)
GDTdiInterceptor: \??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (autostart)
gmer: System32\DRIVERS\gmer.sys (manual start)
Standardpaketklassifizierung: system32\DRIVERS\msgpc.sys (manual start)
Hilfe und Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft HID Class-Treiber: system32\DRIVERS\hidusb.sys (manual start)
HookCentre: \??\C:\WINDOWS\system32\drivers\HookCentre.sys (manual start)
hpn: \SystemRoot\system32\DRIVERS\hpn.sys (disabled)
HSFHWICH: system32\DRIVERS\HSFHWICH.sys (manual start)
HSF_DP: system32\DRIVERS\HSF_DP.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP-SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i2omp: \SystemRoot\system32\DRIVERS\i2omp.sys (disabled)
i8042-Tastatur- und PS/2-Mausanschluss-Treiber: system32\DRIVERS\i8042prt.sys (system)
InstallDriver Table Manager: "C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
Filtertreiber für CD-Brennen: system32\DRIVERS\imapi.sys (system)
IMAPI-CD-Brenn-COM-Dienste: C:\WINDOWS\system32\imapi.exe (manual start)
InCD File System: system32\drivers\InCDFs.sys (disabled)
InCDPass: system32\drivers\InCDPass.sys (system)
InCD Reader: system32\drivers\InCDRm.sys (system)
ini910u: \SystemRoot\system32\DRIVERS\ini910u.sys (disabled)
IntelIde: system32\DRIVERS\intelide.sys (system)
Intel-Prozessortreiber: system32\DRIVERS\intelppm.sys (system)
IPv6-Windows-Firewalltreiber: system32\DRIVERS\Ip6Fw.sys (manual start)
Filtertreiber für IP-Verkehr: system32\DRIVERS\ipfltdrv.sys (manual start)
IP/IP-Tunneltreiber: system32\DRIVERS\ipinip.sys (manual start)
Übersetzer für IP-Netzwerkadressen: system32\DRIVERS\ipnat.sys (manual start)
IPSEC-Treiber: system32\DRIVERS\ipsec.sys (system)
IR-Enumeratordienst: system32\DRIVERS\irenum.sys (manual start)
PnP-ISA/EISA-Bus-Treiber: system32\DRIVERS\isapnp.sys (system)
Intel Wireless Connection Agent Miniport for Win XP: system32\DRIVERS\iwca.sys (manual start)
Tastaturklassentreiber: system32\DRIVERS\kbdclass.sys (system)
Tastatur-HID-Treiber: system32\DRIVERS\kbdhid.sys (system)
Microsoft Kernel-Waveaudiomixer: system32\drivers\kmixer.sys (manual start)
Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Arbeitsstationsdienst: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
LiveUpdate: "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" (manual start)
TCP/IP-NetBIOS-Hilfsprogramm: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Media Center Extender Service: C:\WINDOWS\ehome\mcrdsvc.exe (autostart)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
Nachrichtendienst: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
MHN: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
MHN-Treiber: system32\DRIVERS\mhndrv.sys (manual start)
NetMeeting-Remotedesktop-Freigabe: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Mausklassentreiber: system32\DRIVERS\mouclass.sys (system)
Maus-HID-Treiber: system32\DRIVERS\mouhid.sys (manual start)
mraid35x: \SystemRoot\system32\DRIVERS\mraid35x.sys (disabled)
Redirector für WebDav-Client: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Proxy für Streaming Clock: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Proxy für Streaming Quality Manager: system32\drivers\MSPQM.sys (manual start)
Microsoft-Systemverwaltungs-BIOS-Treiber: system32\DRIVERS\mssmbios.sys (manual start)
RAS-NDIS-TAPI-Treiber: system32\DRIVERS\ndistapi.sys (manual start)
NDIS-Benutzermodus-E/A-Protokoll: system32\DRIVERS\ndisuio.sys (manual start)
RAS-NDIS-WAN-Treiber: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS-Schnittstelle: system32\DRIVERS\netbios.sys (system)
NetBios über TCP/IP: system32\DRIVERS\netbt.sys (system)
Netzwerk-DDE-Dienst: %SystemRoot%\system32\netdde.exe (disabled)
Netzwerk-DDE-Serverdienst: %SystemRoot%\system32\netdde.exe (disabled)
Anmeldedienst: %SystemRoot%\system32\lsass.exe (manual start)
Netzwerkverbindungen: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
1394-Netzwerktreiber: system32\DRIVERS\nic1394.sys (manual start)
NICCONFIGSVC: C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe (autostart)
NLA (Network Location Awareness): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
NSNDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\NSNDIS5.SYS (manual start)
NT-LM-Sicherheitsdienst: %SystemRoot%\system32\lsass.exe (manual start)
Wechselmedien: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
nv: system32\DRIVERS\nv4_mini.sys (manual start)
Filtertreiber für IPX-Verkehr: system32\DRIVERS\nwlnkflt.sys (manual start)
Treiber für IPX-Verkehrsweiterleitung: system32\DRIVERS\nwlnkfwd.sys (manual start)
OHCI-konformer IEEE 1394-Hostcontroller: system32\DRIVERS\ohci1394.sys (system)
OMCI WDM Device Driver: system32\DRIVERS\omci.sys (system)
Office Source Engine: "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
Treiber für parallelen Anschluss: system32\DRIVERS\parport.sys (manual start)
PCAMPR5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\PCAMPR5.SYS (manual start)
PCI-Bus-Treiber: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
Pcmcia: system32\DRIVERS\pcmcia.sys (system)
ProDyne DSL Adapter: system32\DRIVERS\PDDSLADP.SYS (manual start)
PEEK5 Protocol Driver: \??\C:\PROGRA~1\WILDPA~1\AIROPE~1\PEEK5.SYS (manual start)
perc2: \SystemRoot\system32\DRIVERS\perc2.sys (disabled)
perc2hib: \SystemRoot\system32\DRIVERS\perc2hib.sys (disabled)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug & Play: %SystemRoot%\system32\services.exe (autostart)
Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (manual start)
IPSEC-Dienste: %SystemRoot%\system32\lsass.exe (autostart)
WAN-Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Geschützter Speicher: %SystemRoot%\system32\lsass.exe (autostart)
QoS-Paketplaner: system32\DRIVERS\psched.sys (manual start)
Treiber für direkte Parallelverbindung: system32\DRIVERS\ptilink.sys (manual start)
ql1080: \SystemRoot\system32\DRIVERS\ql1080.sys (disabled)
Ql10wnt: \SystemRoot\system32\DRIVERS\ql10wnt.sys (disabled)
ql12160: \SystemRoot\system32\DRIVERS\ql12160.sys (disabled)
ql1240: \SystemRoot\system32\DRIVERS\ql1240.sys (disabled)
ql1280: \SystemRoot\system32\DRIVERS\ql1280.sys (disabled)
Treiber für automatische RAS-Verbindung: system32\DRIVERS\rasacd.sys (system)
Verwaltung für automatische RAS-Verbindung: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN-Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
RAS-Verbindungsverwaltung: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remotezugriff-PPPOE-Treiber: system32\DRIVERS\raspppoe.sys (manual start)
Parallelanschluss (direkt): system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Treiber für Terminalserver-Geräteumleitung: system32\DRIVERS\rdpdr.sys (manual start)
Sitzungs-Manager für Remotedesktophilfe: C:\WINDOWS\system32\sessmgr.exe (manual start)
Filtertreiber für digitale CD-Audiowiedergabe: system32\DRIVERS\redbook.sys (system)
RegSrvc: C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (autostart)
Routing und RAS: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Remote-Registrierung: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Microsoft Legacy Modem Driver: System32\Drivers\RootMdm.sys (manual start)
RPC-Locator: %SystemRoot%\system32\locator.exe (manual start)
Remoteprozeduraufruf (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS-RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Spectrum24 Event Monitor: C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (autostart)
WLAN Transport: system32\DRIVERS\s24trans.sys (autostart)
Sicherheitskontenverwaltung: %SystemRoot%\system32\lsass.exe (autostart)
Smartcard: %SystemRoot%\System32\SCardSvr.exe (autostart)
Taskplaner: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
sdbus: system32\DRIVERS\sdbus.sys (manual start)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Sekundäre Anmeldung: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Systemereignisbenachrichtigung: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum-Filtertreiber: system32\DRIVERS\serenum.sys (manual start)
Treiber für seriellen Anschluss: system32\DRIVERS\serial.sys (system)
SFF-Speicherklassentreiber: system32\DRIVERS\sffdisk.sys (manual start)
SFF-Speicherprotokolltreiber für SDBus: system32\DRIVERS\sffp_sd.sys (manual start)
High-Capacity-Diskettenlaufwerk: system32\DRIVERS\sfloppy.sys (manual start)
Windows-Firewall/Gemeinsame Nutzung der Internetverbindung: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Shellhardwareerkennung: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SIS AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\sisagp.sys (disabled)
Sparrow: \SystemRoot\system32\DRIVERS\sparrow.sys (disabled)
Microsoft Kernel-Audiosplitter: system32\drivers\splitter.sys (manual start)
Druckwarteschlange: %SystemRoot%\system32\spoolsv.exe (autostart)
sptd: System32\Drivers\sptd.sys (system)
Filtertreiber für Systemwiederherstellung: \SystemRoot\system32\DRIVERS\sr.sys (disabled)
Systemwiederherstellungsdienst: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
SigmaTel C-Major Audio: system32\drivers\STAC97.sys (manual start)
Windows-Bilderfassung (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
Software-Bus-Treiber: system32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetablesynthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{179F4715-E4EF-48B5-A7EF-7B0D4ECD944C} (manual start)
symc810: \SystemRoot\system32\DRIVERS\symc810.sys (disabled)
symc8xx: \SystemRoot\system32\DRIVERS\symc8xx.sys (disabled)
sym_hi: \SystemRoot\system32\DRIVERS\sym_hi.sys (disabled)
sym_u3: \SystemRoot\system32\DRIVERS\sym_u3.sys (disabled)
Microsoft Kernel-Systemaudiogerät: system32\drivers\sysaudio.sys (manual start)
Leistungsdatenprotokolle und Warnungen: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telefonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP-Protokolltreiber: system32\DRIVERS\tcpip.sys (system)
Terminal-Gerätetreiber: system32\DRIVERS\termdd.sys (system)
Terminaldienste: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Designs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
TOSHIBA Bluetooth HID port driver: system32\drivers\Toshidpt.sys (manual start)
TosIde: \SystemRoot\system32\DRIVERS\toside.sys (disabled)
Bluetooth Port Driver from Toshiba: system32\DRIVERS\tosporte.sys (manual start)
Bluetooth RFBUS from TOSHIBA: System32\Drivers\tosrfbd.sys (manual start)
Bluetooth RFBNEP from TOSHIBA: System32\Drivers\tosrfbnp.sys (manual start)
Bluetooth RFCOMM from TOSHIBA: System32\Drivers\tosrfcom.sys (system)
Bluetooth RFHID from TOSHIBA: system32\DRIVERS\Tosrfhid.sys (manual start)
Bluetooth Personal Area Network from TOSHIBA: system32\DRIVERS\tosrfnds.sys (manual start)
Bluetooth Audio Device (WDM) from TOSHIBA: system32\drivers\TosRfSnd.sys (manual start)
Bluetooth USB Controller: System32\Drivers\tosrfusb.sys (manual start)
Überwachung verteilter Verknüpfungen (Client): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
ultra: \SystemRoot\system32\DRIVERS\ultra.sys (disabled)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (manual start)
Microcode Updatetreiber: system32\DRIVERS\update.sys (manual start)
Universeller Plug & Play-Gerätehost: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
USB-Audiotreiber (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft Standard-USB-Haupttreiber: system32\DRIVERS\usbccgp.sys (manual start)
Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller: system32\DRIVERS\usbehci.sys (manual start)
Microsoft USB-Standardhubtreiber: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB-Druckerklasse: system32\DRIVERS\usbprint.sys (manual start)
USB-Scannertreiber: system32\DRIVERS\usbscan.sys (manual start)
USB-Massenspeichertreiber: system32\DRIVERS\USBSTOR.SYS (manual start)
Miniporttreiber für universellen Microsoft USB-Hostcontroller: system32\DRIVERS\usbuhci.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP-Bus-Filter: \SystemRoot\system32\DRIVERS\viaagp.sys (disabled)
ViaIde: \SystemRoot\system32\DRIVERS\viaide.sys (disabled)
vsdatant: \??\C:\WINDOWS\system32\vsdatant.sys (manual start)
Volumeschattenkopie: %SystemRoot%\System32\vssvc.exe (manual start)
Intel(R) PRO/Wireless 2200BG Netzwerkverbindungstreiber für Windows XP: system32\DRIVERS\w29n51.sys (manual start)
Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
RAS-IP-ARP-Treiber: system32\DRIVERS\wanarp.sys (manual start)
Treiber für Microsoft WINMM-WDM-Audiokompatibilität: system32\drivers\wdmaud.sys (manual start)
Webclient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
winachsf: system32\DRIVERS\HSF_CNXT.sys (manual start)
Windows-Verwaltungsinstrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
WLANKEEPER: C:\Programme\Intel\Wireless\Bin\WLKeeper.exe (autostart)
Dienst für Seriennummern der tragbaren Medien: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Treibererweiterungen für Windows-Verwaltungsinstrumentation: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI-Leistungsadapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
WildPackets Symbol-OEM Wireless LAN Card Driver: system32\DRIVERS\WPSYM24.sys (manual start)
Sicherheitscenter: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Automatische Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Konfigurationsfreie drahtlose Verbindung: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Netzwerkversorgungsdienst: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
X-Micro WLAN 11g USB Adapter(X-Micro): system32\DRIVERS\zd1211u.sys (manual start)
ZDBRGSYS NDIS Protocol Driver: \??\C:\WINDOWS\system32\ZDBRGSYS.SYS (manual start)
ZDPNDIS5 NDIS Protocol Driver: \??\C:\WINDOWS\system32\ZDPNDIS5.SYS (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 43.291 bytes
Report generated in 1,718 seconds

Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only





HIJACKTHIS SCAN ABGESICHERT

Logfile of HijackThis v1.99.1
Scan saved at 19:07:07, on 20.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Dokumente und Einstellungen\BP\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com
O1 - Hosts file is located at: C:\WINDOWS\System32\drivers\etc\hosts
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\AntiVirenKit InternetSecurity\Webfilter\AvkWebIE.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Programme\TextAloud\TAForIE.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\AntiVirenKit InternetSecurity\Webfilter\AvkWebIE.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [AVKTray] "C:\Programme\AntiVirenKit InternetSecurity\AVKTray\AVKTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programme\PSNLite\PsnLite.exe
O4 - Global Startup: Program Neighborhood Agent.lnk = C:\Programme\Citrix\ICA Client\pnagent.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\OFFICE~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: *.bp.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E8A3661-FB5B-4AEF-BF60-B0E9712FAE49} (Silverwire Image Uploader 3.0 Control) - http://www.fotowire.com/download/client/uploader/ImageUploader3.cab
O16 - DPF: {96512D57-F751-4088-A689-5778FCC77F7A} (Photo Uploader Control) - http://www.studivz.net/lib/photouploader/PhotoUploader.cab
O16 - DPF: {A58EA309-CE0A-49C4-A18C-31F77FE681E9} (GetInfo.MainClass) - https://www.bppassport.com/diligent/GetInfo.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = bp1.ad.bp.com,ad.bp.com,bp.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = bp1.ad.bp.com,ad.bp.com,bp.com
O20 - Winlogon Notify: IntelWireless - C:\Programme\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVKProxy - G DATA Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKService.exe
O23 - Service: AVK Wächter (AVKWCtl) - Unknown owner - C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - Unknown owner - C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe





HIJACKTHIS SCAN NORMAL

Logfile of HijackThis v1.99.1
Scan saved at 18:36:14, on 20.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKService.exe
C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKWCtl.exe
C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFwSvc.exe
C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Programme\Apoint\Apoint.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\AntiVirenKit InternetSecurity\AVKTray\AVKTray.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Programme\Digital Line Detect\DLG.exe
C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFirewallTray.exe
C:\PROGRA~1\OFFICE~3\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\ISW\alice\signup\alicecnn.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Programme\ICQLite\ICQLite.exe
C:\Dokumente und Einstellungen\BP\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\AntiVirenKit InternetSecurity\Webfilter\AvkWebIE.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Programme\TextAloud\TAForIE.dll
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\AntiVirenKit InternetSecurity\Webfilter\AvkWebIE.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [AVKTray] "C:\Programme\AntiVirenKit InternetSecurity\AVKTray\AVKTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programme\PSNLite\PsnLite.exe
O4 - Global Startup: Program Neighborhood Agent.lnk = C:\Programme\Citrix\ICA Client\pnagent.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\OFFICE~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: *.bp.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4E8A3661-FB5B-4AEF-BF60-B0E9712FAE49} (Silverwire Image Uploader 3.0 Control) - http://www.fotowire.com/download/client/uploader/ImageUploader3.cab
O16 - DPF: {96512D57-F751-4088-A689-5778FCC77F7A} (Photo Uploader Control) - http://www.studivz.net/lib/photouploader/PhotoUploader.cab
O16 - DPF: {A58EA309-CE0A-49C4-A18C-31F77FE681E9} (GetInfo.MainClass) - https://www.bppassport.com/diligent/GetInfo.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{95A95914-C22A-417D-9500-E68445CFC005}: NameServer = 213.191.92.82 213.191.74.11
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = bp1.ad.bp.com,ad.bp.com,bp.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = bp1.ad.bp.com,ad.bp.com,bp.com
O20 - Winlogon Notify: IntelWireless - C:\Programme\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVKProxy - G DATA Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKService.exe
O23 - Service: AVK Wächter (AVKWCtl) - Unknown owner - C:\Programme\AntiVirenKit InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - Unknown owner - C:\Programme\AntiVirenKit InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programme\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe