WinPFind3 logfile created on: 25.02.2007 15:28:31 WinPFind3U by OldTimer - Version 1.0.19 Folder = C:\Dokumente und Einstellungen\Seeeb\Desktop\Virenbekämpfung\WinPFind3u\ Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) Internet Explorer (Version = 6.0.2900.2180) 1310076 Kb Total Physical Memory | 846544 Kb Available Physical Memory | 64,62% Memory free 1944800 Kb Paging File | 1615532 Kb Available in Paging File | 83,07% Paging File free Paging file location(s): C:\pagefile.sys 768 1536; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74557664 Kb Total Space | 26537144 Kb Free Space | 35,59% Space Free Drive D: | 644904 Kb Total Space | 0 Kb Free Space | 0,00% Space Free E: Drive not present or media not loaded F: Drive not present or media not loaded [Processes - Non-Microsoft Only] 1xconfig.exe -> %ProgramFiles%\Intel\Wireless\Bin\1XConfig.exe -> Intel [Ver = 9, 0, 1, 33 | Size = 245760 bytes | Modified Date = 07.09.2004 15:03:40 | Attr = ] aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 03.08.2006 17:34:44 | Attr = ] apntex.exe -> %ProgramFiles%\Apoint\ApntEx.exe -> Alps Electric Co., Ltd. [Ver = 5.5.1.19 | Size = 45056 bytes | Modified Date = 19.08.2004 13:40:08 | Attr = ] apoint.exe -> %ProgramFiles%\Apoint\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 5.5.101.141 | Size = 155648 bytes | Modified Date = 13.09.2004 15:33:20 | Attr = ] ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 405504 bytes | Modified Date = 04.12.2004 02:32:34 | Attr = ] ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 405504 bytes | Modified Date = 04.12.2004 02:32:34 | Attr = ] atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5125 | Size = 344064 bytes | Modified Date = 03.12.2004 20:00:00 | Attr = ] ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 59040 bytes | Modified Date = 08.03.2006 14:21:28 | Attr = ] ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 198304 bytes | Modified Date = 08.03.2006 14:21:28 | Attr = ] ccproxy.exe -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 103.0.8.2 | Size = 235168 bytes | Modified Date = 10.07.2006 14:32:58 | Attr = ] ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 181920 bytes | Modified Date = 08.03.2006 14:21:30 | Attr = ] dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 29.10.2003 02:06:00 | Attr = ] evteng.exe -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 9, 0, 1, 12 | Size = 86016 bytes | Modified Date = 07.09.2004 15:02:40 | Attr = ] ifrmewrk.exe -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> Intel Corporation [Ver = 9, 0, 1, 19 | Size = 385024 bytes | Modified Date = 30.10.2004 13:59:54 | Attr = ] issvc.exe -> %ProgramFiles%\Norton Internet Security\ISSVC.exe -> Symantec Corporation [Ver = 8.0.5.14 | Size = 83584 bytes | Modified Date = 18.04.2005 19:49:24 | Attr = ] jusched.exe -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 19.11.2003 16:48:14 | Attr = ] navapsvc.exe -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 177312 bytes | Modified Date = 18.01.2006 13:26:14 | Attr = ] nicconfigsvc.exe -> %ProgramFiles%\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 1, 0, 0, 1 | Size = 356352 bytes | Modified Date = 30.01.2005 19:04:26 | Attr = ] quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> [Ver = 1, 0, 0, 1 | Size = 606208 bytes | Modified Date = 07.02.2005 07:43:08 | Attr = ] regsrvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 9, 0, 1, 10 | Size = 139264 bytes | Modified Date = 07.09.2004 15:02:04 | Attr = ] s24evmon.exe -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 9, 0, 1, 41 | Size = 360521 bytes | Modified Date = 07.09.2004 15:05:10 | Attr = ] sndsrvc.exe -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 206552 bytes | Modified Date = 05.04.2005 11:17:22 | Attr = ] spbbcsvc.exe -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 31.01.2005 13:19:24 | Attr = ] symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1, 8, 54, 534 | Size = 822424 bytes | Modified Date = 10.05.2005 13:28:44 | Attr = ] symwsc.exe -> %CommonProgramFiles%\Symantec Shared\Security Center\symwsc.exe -> Symantec Corporation [Ver = 2005.1.2.20 | Size = 316544 bytes | Modified Date = 02.11.2004 16:59:50 | Attr = ] tosa2dp.exe -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe -> TOSHIBA CORPORATION. [Ver = 3.01.4y30.GR | Size = 253952 bytes | Modified Date = 30.11.2004 18:11:34 | Attr = ] tosbthsp.exe -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe -> TOSHIBA CORPORATION. [Ver = 2.03.3603.0 | Size = 450560 bytes | Modified Date = 14.10.2004 03:13:58 | Attr = ] tosbtmng.exe -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe -> TOSHIBA CORPORATION. [Ver = 3.03.5114.GR | Size = 479232 bytes | Modified Date = 14.01.2005 18:58:40 | Attr = ] ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 13.03.2004 04:04:16 | Attr = ] unlockerassistant.exe -> %ProgramFiles%\Unlocker\UnlockerAssistant.exe -> [Ver = | Size = 15872 bytes | Modified Date = 07.09.2006 17:19:28 | Attr = ] winpfind3u.exe -> %UserDesktop%\Virenbekämpfung\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.19.0 | Size = 311296 bytes | Modified Date = 23.02.2007 21:00:08 | Attr = ] wlkeeper.exe -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel® Corporation [Ver = 9, 0, 1, 14 | Size = 225353 bytes | Modified Date = 07.09.2004 15:12:32 | Attr = ] zcfgsvc.exe -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe -> Intel Corporation [Ver = 9, 0, 1, 45 | Size = 389120 bytes | Modified Date = 07.09.2004 15:08:02 | Attr = ] [Win32 Services - Non-Microsoft Only] (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 22.10.2006 16:57:26 | Attr = ] (Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 405504 bytes | Modified Date = 04.12.2004 02:32:34 | Attr = ] (Automatisches LiveUpdate - Scheduler) Automatisches LiveUpdate - Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.171 | Size = 100032 bytes | Modified Date = 03.08.2006 17:34:44 | Attr = ] (ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 198304 bytes | Modified Date = 08.03.2006 14:21:28 | Attr = ] (ccProxy) Symantec Network Proxy [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 103.0.8.2 | Size = 235168 bytes | Modified Date = 10.07.2006 14:32:58 | Attr = ] (ccPwdSvc) Symantec Password Validation [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPWDSVC.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 79520 bytes | Modified Date = 08.03.2006 14:21:30 | Attr = ] (ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 181920 bytes | Modified Date = 08.03.2006 14:21:30 | Attr = ] (dmadmin) Verwaltungsdienst für die Verwaltung logischer Datenträger [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] (EvtEng) EvtEng [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 9, 0, 1, 12 | Size = 86016 bytes | Modified Date = 07.09.2004 15:02:40 | Attr = ] (ISSVC) ISSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\ISSVC.exe -> Symantec Corporation [Ver = 8.0.5.14 | Size = 83584 bytes | Modified Date = 18.04.2005 19:49:24 | Attr = ] (LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_0.EXE -> Symantec Corporation [Ver = 3.0.0.171 | Size = 2119360 bytes | Modified Date = 03.08.2006 17:34:44 | Attr = ] (navapsvc) Norton AntiVirus Auto-Protect-Dienst [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 177312 bytes | Modified Date = 18.01.2006 13:26:14 | Attr = ] (NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\NICCONFIGSVC\NICCONFIGSVC.exe -> Dell Inc. [Ver = 1, 0, 0, 1 | Size = 356352 bytes | Modified Date = 30.01.2005 19:04:26 | Attr = ] (RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 9, 0, 1, 10 | Size = 139264 bytes | Modified Date = 07.09.2004 15:02:04 | Attr = ] (S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation [Ver = 9, 0, 1, 41 | Size = 360521 bytes | Modified Date = 07.09.2004 15:05:10 | Attr = ] (SAVScan) SAVScan [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVSCAN.EXE -> Symantec Corporation [Ver = 9.4.2.1 | Size = 198368 bytes | Modified Date = 07.03.2005 20:59:36 | Attr = ] (SBService) ScriptBlocking Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\Script Blocking\SBSERV.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 67184 bytes | Modified Date = 19.10.2005 18:55:00 | Attr = ] (SNDSrvc) Symantec Network Drivers Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 206552 bytes | Modified Date = 05.04.2005 11:17:22 | Attr = ] (SPBBCSvc) Symantec SPBBCSvc [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 31.01.2005 13:19:24 | Attr = ] (Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1, 8, 54, 534 | Size = 822424 bytes | Modified Date = 10.05.2005 13:28:44 | Attr = ] (SymWSC) SymWMI Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\Security Center\symwsc.exe -> Symantec Corporation [Ver = 2005.1.2.20 | Size = 316544 bytes | Modified Date = 02.11.2004 16:59:50 | Attr = ] (UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 4 | Size = 49152 bytes | Modified Date = 13.03.2004 04:04:16 | Attr = ] (WLANKEEPER) WLANKEEPER [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\Wireless\Bin\WLKEEPER.exe -> Intel® Corporation [Ver = 9, 0, 1, 14 | Size = 225353 bytes | Modified Date = 07.09.2004 15:12:32 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Apoint -> %ProgramFiles%\Apoint\Apoint.exe -> Alps Electric Co., Ltd. [Ver = 5.5.101.141 | Size = 155648 bytes | Modified Date = 13.09.2004 15:33:20 | Attr = ] ATIPTA -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5125 | Size = 344064 bytes | Modified Date = 03.12.2004 20:00:00 | Attr = ] ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.7.2 | Size = 59040 bytes | Modified Date = 08.03.2006 14:21:28 | Attr = ] Dell QuickSet -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> [Ver = 1, 0, 0, 1 | Size = 606208 bytes | Modified Date = 07.02.2005 07:43:08 | Attr = ] IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe -> Intel Corporation [Ver = 9, 0, 1, 19 | Size = 385024 bytes | Modified Date = 30.10.2004 13:59:54 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\j2re1.4.2_03\bin\jusched.exe -> [Ver = | Size = 32881 bytes | Modified Date = 19.11.2003 16:48:14 | Attr = ] Symantec NetDriver Monitor -> %ProgramFiles%\SymNetDrv\SNDMon.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 100056 bytes | Modified Date = 04.12.2005 00:32:02 | Attr = ] UnlockerAssistant -> %ProgramFiles%\Unlocker\UnlockerAssistant.exe -> [Ver = | Size = 15872 bytes | Modified Date = 07.09.2006 17:19:28 | Attr = ] < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ IMAIL -> Installed = 1 -> MAPI -> Installed = 1 -> MSFS -> Installed = 1 -> < Common Startup > -> C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart %AllUsersStartup%\Bluetooth Manager.lnk -> %ProgramFiles%\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe -> TOSHIBA CORPORATION. [Ver = 3.03.5114.GR | Size = 479232 bytes | Modified Date = 14.01.2005 18:58:40 | Attr = ] %AllUsersStartup%\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 29.10.2003 02:06:00 | Attr = ] < User Startup > -> C:\Dokumente und Einstellungen\Seeeb\Startmenü\Programme\Autostart %UserStartup%\Adobe Gamma.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 16.03.2005 18:16:50 | Attr = ] < Disabled MSConfig Registry Items [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ DVDLauncher -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> CyberLink Corp. [Ver = 3.00.0000 | Size = 57344 bytes | Modified Date = 12.10.2004 16:54:30 | Attr = ] NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09.07.2001 10:50:42 | Attr = ] snpstd -> %SystemRoot%\vsnpstd.exe -> [Ver = 1, 0, 0, 4 | Size = 40960 bytes | Modified Date = 31.12.2003 17:39:04 | Attr = ] Sony Ericsson PC Suite -> %ProgramFiles%\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe -> Sony Ericsson Mobile Communications AB [Ver = 1.1.1.3 | Size = 159744 bytes | Modified Date = 26.10.2005 16:17:24 | Attr = R ] swg -> %ProgramFiles%\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe -> File not found TerraTec Remote Control -> %CommonProgramFiles%\TerraTec\Remote\TTTVRC.exe -> TerraTec Electronic GmbH [Ver = 3, 73, 0, 273 | Size = 1404928 bytes | Modified Date = 14.07.2005 10:45:32 | Attr = ] < File Associations > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ .bat [@ = batfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .cmd [@ = cmdfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .com [@ = comfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} -> .cpl [@ = cplfile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} -> .exe [@ = exefile] -> PersistentHandler = {098f2470-bae0-11cd-b579-08002b30bfeb} -> .hta [@ = htafile] -> PersistentHandler = {eec97550-47a9-11cf-b952-00aa0051fe20} -> .html [@ = htmlfile] -> PersistentHandler = {eec97550-47a9-11cf-b952-00aa0051fe20} -> .inf [@ = inffile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .ini [@ = inifile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .url [@ = InternetShortcut] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .js [@ = JSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .jse [@ = JSEFile] -> PersistentHandler = Reg Data - Key not found -> .pif [@ = piffile] -> PersistentHandler = Reg Data - Key not found -> .reg [@ = regfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .scr [@ = scrfile] -> PersistentHandler = Reg Data - Key not found -> .txt [@ = txtfile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .vbe [@ = VBEFile] -> PersistentHandler = Reg Data - Key not found -> .vbs [@ = VBSFile] -> PersistentHandler = {5e941d80-bf96-11cd-b579-08002b30bfeb} -> .wsf [@ = WSFFile] -> PersistentHandler = Reg Data - Key not found -> .wsh [@ = WSHFile] -> PersistentHandler = Reg Data - Key not found -> < Registry Shell Spawning > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command batfile [edit] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] batfile [open] -> "%1" %* -> batfile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] cmdfile [edit] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] cmdfile [open] -> "%1" %* -> cmdfile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] comfile [open] -> "%1" %* -> cplfile [cplopen] -> rundll32.exe shell32.dll,Control_RunDLL "%1",%* -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 8494592 bytes | Modified Date = 19.12.2006 21:49:40 | Attr = ] exefile [open] -> "%1" %* -> htafile [open] -> %System32%\mshta.exe "%1" %* -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 29184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] htmlfile [edit] -> "%ProgramFiles%\Microsoft Office\OFFICE11\msohtmed.exe" %1 -> Microsoft Corporation [Ver = 11.0.5510 | Size = 55360 bytes | Modified Date = 14.07.2003 21:52:56 | Attr = ] htmlfile [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] htmlfile [opennew] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" %1 -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] htmlfile [print] -> "%ProgramFiles%\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 -> Microsoft Corporation [Ver = 11.0.5510 | Size = 55360 bytes | Modified Date = 14.07.2003 21:52:56 | Attr = ] http [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] https [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] inffile [install] -> %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33792 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] inffile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] inffile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] inifile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] inifile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] InternetShortcut [open] -> rundll32.exe shdocvw.dll,OpenURL %l -> Microsoft Corporation [Ver = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040) | Size = 1498112 bytes | Modified Date = 04.01.2007 14:02:12 | Attr = ] InternetShortcut [print] -> rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" -> Microsoft Corporation [Ver = 6.00.2900.3059 (xpsp_sp2_qfe.070104-0040) | Size = 3083264 bytes | Modified Date = 04.01.2007 14:02:06 | Attr = ] jsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] jsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] jsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] jsefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] jsefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] jsefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] piffile [open] -> "%1" %* -> regfile [edit] -> %SystemRoot%\system32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] regfile [open] -> regedit.exe "%1" -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 153600 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] regfile [merge] -> Reg Data - Key not found -> regfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 138240 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] scrfile [open] -> "%1" /S -> txtfile [edit] -> Reg Data - Key not found -> txtfile [open] -> %SystemRoot%\system32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] txtfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] txtfile [printto] -> %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] vbefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] vbefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] vbefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] vbsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] vbsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] vbsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] wsffile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] wsffile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] wsffile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 70144 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] wshfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 8494592 bytes | Modified Date = 19.12.2006 21:49:40 | Attr = ] Directory [find] -> %SystemRoot%\Explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1035264 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] Directory [Winamp.Bookmark] -> "%ProgramFiles%\Winamp\Winamp.exe" /BOOKMARK "%1" -> Nullsoft [Ver = 5.04 | Size = 979456 bytes | Modified Date = 27.07.2004 20:39:14 | Attr = ] Directory [Winamp.Enqueue] -> "%ProgramFiles%\Winamp\Winamp.exe" /ADD "%1" -> Nullsoft [Ver = 5.04 | Size = 979456 bytes | Modified Date = 27.07.2004 20:39:14 | Attr = ] Directory [Winamp.Play] -> "%ProgramFiles%\Winamp\Winamp.exe" "%1" -> Nullsoft [Ver = 5.04 | Size = 979456 bytes | Modified Date = 27.07.2004 20:39:14 | Attr = ] Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1035264 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1035264 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] Drive [find] -> %SystemRoot%\Explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1035264 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] Applications\iexplore.exe [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" %1 -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] < ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -> -> {22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> -> {2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll -> {44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install -> {44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT -> {5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser -> {6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub -> {73FA19D0-2D75-11D2-995D-00C04F98BBC9} -> -> {7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install -> {89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll -> {89820200-ECBD-11cf-8B85-00AA005B4383} -> %SystemRoot%\system32\ie4uinit.exe -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install -> {8b15971b-5355-4c82-8c07-7e181ea07608} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser -> {94de52c8-2d59-4f1b-883e-79663d2d9a8c} -> -> <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -> C:\WINDOWS\system32\ieudinit.exe >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP -> >{26923b43-4d38-484f-9b9e-de460746276c} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP -> >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE -> < WOW Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW cmdline -> %SystemRoot%\system32\ntvdm.exe -> wowcmdline -> %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386 -> < Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager BootExecute -> autocheck autochk *; -> < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> Control_RunDLL -> -> File not found < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4107 | Size = 90112 bytes | Modified Date = 04.12.2004 02:32:40 | Attr = ] < Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> < Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. -> -> < Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ 0 -> [Key] -> 0 -> FriendlyName = Die derzeitige Homepage -> 0 -> Source = About:Home -> 0 -> SubscribedURL = About:Home -> < HOSTS File > (820 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts 127.0.0.1 localhost -> -> < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://www.euro.dell.com/ -> HKLM: Main\\Default_Search_URL -> http://www.google.com/ie -> HKLM: Local Page -> %SystemRoot%\system32\blank.htm -> HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> HKLM: Start Page -> http://www.euro.dell.com/ -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: Search\\Default_Search_URL -> http://www.google.com/ie -> HKLM: SearchAssistant -> http://www.google.com/ie -> HKCU: Default_Page_URL -> http://www.euro.dell.com/ -> HKCU: Local Page -> C:\WINDOWS\system32\blank.htm -> HKCU: Search Bar -> http://www.google.com/ie -> HKCU: Search Page -> http://www.google.com -> HKCU: Start Page -> http://www.google.de/ -> HKCU: SearchAssistant -> http://www.google.com/ie -> HKCU: ProxyEnable -> 0 -> < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ msn.com [ - ] -> -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 6.0.1.2003110300 | Size = 54248 bytes | Modified Date = 03.11.2003 13:17:44 | Attr = ] {9ECB9560-04F9-4bbc-943D-298DDF1699E1} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [CNisExtBho Class] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 103552 bytes | Modified Date = 31.01.2005 13:19:00 | Attr = ] {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [Google Toolbar Helper] -> File not found {BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218784 bytes | Modified Date = 18.01.2006 13:26:16 | Attr = ] < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 103552 bytes | Modified Date = 31.01.2005 13:19:00 | Attr = ] {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> File not found {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218784 bytes | Modified Date = 18.01.2006 13:26:16 | Attr = ] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218784 bytes | Modified Date = 18.01.2006 13:26:16 | Attr = ] WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 103552 bytes | Modified Date = 31.01.2005 13:19:00 | Attr = ] WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> File not found WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218784 bytes | Modified Date = 18.01.2006 13:26:16 | Attr = ] < Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Konsole -> {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} -> 8195 - Reg Data - Key not found -> {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -> 8196 - Reg Data - Key not found -> {85d1f590-48f4-11d9-9669-0800200c9a66} -> 8199 - Uninstall BitDefender Online Scanner v8 -> {92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist -> {B863453A-26C3-4e1f-A54D-A2CD196348E9} -> 8197 - Reg Data - Key not found -> {e2e2dd38-d088-4134-82b7-f2ba38496583} -> 8198 - @xpsp3res.dll,-20001 -> {FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger -> NextId -> 8200 -> < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found {92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Recherchieren] -> File not found {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found {FB5F1910-F110-11d2-BB9E-00C04F795683} -> %ProgramFiles%\Messenger\msmsgs.exe [ButtonText: Messenger] -> File not found < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ Nach Microsoft &Excel exportieren -> -> File not found < Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found {0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskleiste und Startmenü] -> File not found {42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [CPL-Erweiterung für Anzeigeverschiebung] -> File not found {73B24247-042E-4EF5-ADC2-42F62E6FD654} [HKLM] -> Reg Data - Key not found [ICQ Lite Shell Extension] -> File not found {764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shellerweiterungen für die Dateikomprimierung] -> File not found {7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Benutzerkonten] -> File not found {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Kontextmenü für die Verschlüsselung] -> File not found {88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [Erweiterung für HyperTerminal-Icons] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] {A5110426-177D-4e08-AB3F-785F10B4439C} [HKLM] -> %ProgramFiles%\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll [Sony Ericsson Datei-Manager] -> Sony Ericsson Mobile Communications AB [Ver = 1, 3, 11, 0 | Size = 397312 bytes | Modified Date = 14.03.2006 15:23:00 | Attr = R ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 126976 bytes | Modified Date = 16.09.2006 21:19:36 | Attr = ] {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} [HKLM] -> %ProgramFiles%\Unlocker\UnlockerCOM.dll [UnlockerShellExtension] -> [Ver = | Size = 8704 bytes | Modified Date = 07.09.2006 17:19:02 | Attr = ] {E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing, Inc. [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 14.09.2004 09:00:00 | Attr = ] {E0D79305-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing, Inc. [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 14.09.2004 09:00:00 | Attr = ] {E0D79306-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing, Inc. [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 14.09.2004 09:00:00 | Attr = ] {E0D79307-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing, Inc. [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 14.09.2004 09:00:00 | Attr = ] {F367BD78-D2B5-459A-B775-9C14E06FCC3D} [HKLM] -> %ProgramFiles%\Miranda IM\Plugins\shellfilesend.dll [Miranda Contact] -> [Ver = 1, 0, 0, 1 | Size = 123904 bytes | Modified Date = 14.06.2004 15:27:46 | Attr = ] < ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\ {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218784 bytes | Modified Date = 18.01.2006 13:26:16 | Attr = ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126976 bytes | Modified Date = 16.09.2006 21:19:36 | Attr = ] {E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing, Inc. [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 14.09.2004 09:00:00 | Attr = ] < ContextMenuHandlers - AllFilesystemObjects [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} [HKLM] -> %ProgramFiles%\Unlocker\UnlockerCOM.dll [UnlockerShellExtension] -> [Ver = | Size = 8704 bytes | Modified Date = 07.09.2006 17:19:02 | Attr = ] < ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\ {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126976 bytes | Modified Date = 16.09.2006 21:19:36 | Attr = ] {E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing, Inc. [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 14.09.2004 09:00:00 | Attr = ] < ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\ {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218784 bytes | Modified Date = 18.01.2006 13:26:16 | Attr = ] {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} [HKLM] -> %ProgramFiles%\Unlocker\UnlockerCOM.dll [UnlockerShellExtension] -> [Ver = | Size = 8704 bytes | Modified Date = 07.09.2006 17:19:02 | Attr = ] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 126976 bytes | Modified Date = 16.09.2006 21:19:36 | Attr = ] {E0D79304-84BE-11CE-9641-444553540000} [HKLM] -> %ProgramFiles%\WinZip\WZSHLSTB.DLL [WinZip] -> WinZip Computing, Inc. [Ver = 4.1 (32-bit) | Size = 5120 bytes | Modified Date = 14.09.2004 09:00:00 | Attr = ] < User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform SV1 -> -> < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {1A1C756C-A7D6-4917-B68A-1E3360EBD19D} -> () -> {22E56EE3-38B8-46F8-AF56-91A2CC4AB7D8} -> (Intel(R) PRO/Wireless 2200BG Network Connection) -> {2B2F8174-B6F9-42C3-8135-3BA408F39390} -> (Windows Mobile-based Device) -> {35E110EC-0D0C-4BB3-AF42-82BD087696B0} -> () -> {3AA5BC5E-6EAA-4941-9DD4-4007A4D7E68D} -> (Broadcom 440x 10/100 Integrated Controller) -> {87E0D3E7-B205-418B-B11D-B2A252B7712F} -> (1394-Netzwerkadapter) -> {E9F51CD9-67EA-49DE-B320-F7721B684FF3} -> (Sony Ericsson Device 039 USB Ethernet Emulation (NDIS 5)) -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 -> {193C772A-87BE-4B19-A7BB-445B226FE9A1} -> ewidoOnlineScan Control - CodeBase = http://downloads.ewido.net/ewidoOnlineScan.cab -> {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://download.bitdefender.com/resources/scan8/oscan8.cab -> {9D190AE6-C81E-4039-8061-978EBAD10073} -> F-Secure Online Scanner 3.0 - CodeBase = http://support.f-secure.com/ols/fscax.cab -> Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab -> [Files - Created Within 30 days] Battlefield 1942.lnk -> %AllUsersDesktop%\Battlefield 1942.lnk -> [Ver = | Size = 1610 bytes | Created Date = 21.02.2007 16:29:56 | Attr = ] eReg.dat -> %SystemRoot%\eReg.dat -> [Ver = | Size = 536 bytes | Created Date = 21.02.2007 16:30:04 | Attr = ] snpstd.ini -> %SystemRoot%\snpstd.ini -> [Ver = | Size = 15541 bytes | Created Date = 30.01.2007 15:32:51 | Attr = ] snpstd.src -> %SystemRoot%\snpstd.src -> [Ver = | Size = 13023 bytes | Created Date = 30.01.2007 15:32:51 | Attr = ] usnpstd.exe -> %SystemRoot%\usnpstd.exe -> [Ver = 1, 0, 0, 0 | Size = 20480 bytes | Created Date = 30.01.2007 15:32:40 | Attr = ] vsnpstd.exe -> %SystemRoot%\vsnpstd.exe -> [Ver = 1, 0, 0, 4 | Size = 40960 bytes | Created Date = 30.01.2007 15:32:51 | Attr = ] avmadd32.dll -> %System32%\avmadd32.dll -> AVM GmbH [Ver = 3, 17, 0, 0 | Size = 55808 bytes | Created Date = 01.02.2007 17:49:06 | Attr = R ] avmprmon.dll -> %System32%\avmprmon.dll -> AVM Berlin GmbH [Ver = 1, 0, 0, 1 | Size = 16384 bytes | Created Date = 01.02.2007 17:49:08 | Attr = R ] csnpstd.dll -> %System32%\csnpstd.dll -> [Ver = 0, 9, 0, 5 | Size = 61440 bytes | Created Date = 30.01.2007 15:32:43 | Attr = ] dsnpstd.ax -> %System32%\dsnpstd.ax -> [Ver = 1, 0, 1, 1 | Size = 36864 bytes | Created Date = 30.01.2007 15:32:42 | Attr = ] dsnpstd.dll -> %System32%\dsnpstd.dll -> [Ver = 1, 1, 0, 0 | Size = 53248 bytes | Created Date = 30.01.2007 15:32:51 | Attr = ] lame_enc.dll -> %System32%\lame_enc.dll -> [Ver = | Size = 126464 bytes | Created Date = 15.02.2007 13:27:06 | Attr = ] NCTAudioCompress2.dll -> %System32%\NCTAudioCompress2.dll -> Online Media Technologies Ltd. [Ver = 2,6,2,242 | Size = 1810432 bytes | Created Date = 15.02.2007 13:27:06 | Attr = ] NCTAudioCompress3.dll -> %System32%\NCTAudioCompress3.dll -> Online Media Technologies Ltd. [Ver = 1,1,2,401 | Size = 2564096 bytes | Created Date = 15.02.2007 13:27:06 | Attr = ] NCTAudioFile2.dll -> %System32%\NCTAudioFile2.dll -> NCT Company Ltd. [Ver = 2,6,1,573 | Size = 1986560 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTAVIFile.dll -> %System32%\NCTAVIFile.dll -> NCT Company Ltd. [Ver = 1,6,2,429 | Size = 294912 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTQuickTimeFile.dll -> %System32%\NCTQuickTimeFile.dll -> Online Media Technologies Company Ltd. [Ver = 1,6,2,1346 | Size = 282624 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTRMFile.dll -> %System32%\NCTRMFile.dll -> NCT Company Ltd. [Ver = 1,6,2,336 | Size = 1245184 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTVideoCompress.dll -> %System32%\NCTVideoCompress.dll -> NCT Company Ltd. [Ver = 1,6,2,1384 | Size = 2260992 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTVideoCoreM.dll -> %System32%\NCTVideoCoreM.dll -> NCT Company Ltd. [Ver = 1,6,2,802 | Size = 991232 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTVideoCoreU.dll -> %System32%\NCTVideoCoreU.dll -> NCT Company Ltd. [Ver = 1,6,2,185 | Size = 106496 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTVideoFile.dll -> %System32%\NCTVideoFile.dll -> NCT Company Ltd. [Ver = 1,6,2,104 | Size = 139264 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] NCTWMVFile.dll -> %System32%\NCTWMVFile.dll -> NCT Company Ltd. [Ver = 1,4,1,140 | Size = 196608 bytes | Created Date = 15.02.2007 13:27:07 | Attr = ] rsnpstd.dll -> %System32%\rsnpstd.dll -> [Ver = 1, 0, 0, 1 | Size = 40960 bytes | Created Date = 30.01.2007 15:32:43 | Attr = ] vsnpstd.dll -> %System32%\vsnpstd.dll -> [Ver = 1, 0, 1, 1 | Size = 36864 bytes | Created Date = 30.01.2007 15:32:42 | Attr = ] snpstd.sys -> %System32%\drivers\snpstd.sys -> [Ver = 1, 0, 9, 7 | Size = 301824 bytes | Created Date = 30.01.2007 15:32:49 | Attr = ] [Files - Modified Within 30 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 23.02.2007 18:36:28 | Attr = RHS] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 1341587456 bytes | Modified Date = 25.02.2007 14:28:26 | Attr = HS] DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 71680 bytes | Modified Date = 21.02.2007 12:52:58 | Attr = ] GDIPFONTCACHEV1.DAT -> %LocalAppData%\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 84344 bytes | Modified Date = 05.02.2007 13:24:22 | Attr = ] IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 5857442 bytes | Modified Date = 23.02.2007 01:09:26 | Attr = H ] Battlefield 1942.lnk -> %AllUsersDesktop%\Battlefield 1942.lnk -> [Ver = | Size = 1610 bytes | Modified Date = 21.02.2007 16:29:58 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 25.02.2007 14:28:28 | Attr = S] eReg.dat -> %SystemRoot%\eReg.dat -> [Ver = | Size = 536 bytes | Modified Date = 21.02.2007 16:30:06 | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 15.02.2007 10:21:40 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 116 bytes | Modified Date = 21.02.2007 21:43:58 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 23.02.2007 18:36:28 | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 1155 bytes | Modified Date = 23.02.2007 18:36:28 | Attr = ] winamp.ini -> %SystemRoot%\winamp.ini -> [Ver = | Size = 192 bytes | Modified Date = 25.02.2007 15:28:02 | Attr = ] wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 917 bytes | Modified Date = 13.02.2007 17:01:52 | Attr = ] WirelessFTP.INI -> %SystemRoot%\WirelessFTP.INI -> [Ver = | Size = 98 bytes | Modified Date = 11.02.2007 15:49:34 | Attr = ] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 288496 bytes | Modified Date = 08.02.2007 10:13:12 | Attr = ] QuickTime.qtp -> %System32%\QuickTime.qtp -> [Ver = | Size = 8003 bytes | Modified Date = 23.02.2007 12:43:22 | Attr = ] wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 2206 bytes | Modified Date = 25.02.2007 14:29:48 | Attr = ] hosts.ics -> %System32%\drivers\etc\hosts.ics -> [Ver = | Size = 432 bytes | Modified Date = 25.02.2007 14:32:08 | Attr = ] [File String Scan - Non-Microsoft Only] @Alternate Data Stream - 88 bytes -> %SystemDrive%\INFCACHE.1:SummaryInformation -> @Alternate Data Stream - 0 bytes -> %SystemDrive%\INFCACHE.1:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable -> PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41118 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] aspack , -> %System32%\lame_enc.dll -> [Ver = | Size = 126464 bytes | Modified Date = 07.08.2003 14:01:52 | Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 04.08.2004 13:00:00 | Attr = ] < End of report >