"GabriEle" - 2007-05-07 16:05:27 Service Pack 2
ComboFix 07-05.07.3.V - Running from: "C:\Programme\Mozilla Firefox\"

((((((((((((((((((((((((((((((( Files Created from 2007-04-07 to 2007-05-07 ))))))))))))))))))))))))))))))))))

2007-05-07 08:45 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\CyberLink
2007-05-07 08:24 d-------- C:\WINDOWS\ShellNew
2007-05-07 08:18 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\Help
2007-05-07 08:16 d-------- C:\WINDOWS\LastGood
2007-05-07 07:57 71,496 --a------ C:\WINDOWS\system32\drivers\mfeavfk.sys
2007-05-07 07:57 37,480 --a------ C:\WINDOWS\system32\drivers\mfesmfk.sys
2007-05-07 07:57 34,184 --a------ C:\WINDOWS\system32\drivers\mfebopk.sys
2007-05-07 07:57 32,008 --a------ C:\WINDOWS\system32\drivers\mferkdk.sys
2007-05-07 07:57 170,408 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
2007-05-07 07:57 109,608 --a------ C:\WINDOWS\system32\drivers\Mpfp.sys
2007-05-07 07:56 d-------- C:\Programme\Gemeinsame Dateien\McAfee
2007-05-07 01:07 d-------- C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006
2007-05-07 01:07 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\WinAntiVirus Pro 2006
2007-05-06 13:36 1,140 --a------ C:\WINDOWS\mozver.dat
2007-05-03 22:08 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\AdobeUM
2007-05-03 21:59 d---s---- C:\DOKUME~1\GabriEle\UserData
2007-04-30 14:37 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\Sonic
2007-04-30 14:37 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\Leadertech
2007-04-30 14:26 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\SingleClick Systems
2007-04-30 11:43 88 -r-hs---- C:\WINDOWS\system32\0C59C8B392.sys
2007-04-30 11:43 2,828 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-04-30 11:42 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\Corel
2007-04-30 11:35 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\Microsoft Web Folders
2007-04-30 11:15 0 --a------ C:\DOKUME~1\GabriEle\ANWEND~1\wklnhst.dat
2007-04-30 11:15 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\Template
2007-04-30 10:50 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-04-30 10:50 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2007-04-28 16:16 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-28 16:09 d-------- C:\DOKUME~1\Besucher\ANWEND~1\Google
2007-04-28 16:07 d-------- C:\DOKUME~1\Besucher\ANWEND~1\McAfee.com Personal Firewall
2007-04-28 16:06 786,432 --ah----- C:\DOKUME~1\Besucher\ntuser.dat
2007-04-28 16:06 dr-h----- C:\DOKUME~1\Besucher\Anwendungsdaten
2007-04-28 16:06 dr------- C:\DOKUME~1\Besucher\Startmen
2007-04-28 16:06 dr------- C:\DOKUME~1\Besucher\Favoriten
2007-04-28 16:06 dr------- C:\DOKUME~1\Besucher\Eigene Dateien
2007-04-28 16:06 d--h----- C:\DOKUME~1\Besucher\Vorlagen
2007-04-28 16:06 d--h----- C:\DOKUME~1\Besucher\Netzwerkumgebung
2007-04-28 16:06 d--h----- C:\DOKUME~1\Besucher\Lokale Einstellungen
2007-04-28 16:06 d--h----- C:\DOKUME~1\Besucher\Druckumgebung
2007-04-28 16:06 d--h----- C:\DOKUME~1\Besucher\ANWEND~1\Gtek
2007-04-25 21:07 d-------- C:\Programme\MSXML 4.0
2007-04-25 19:21 d-------- C:\DOKUME~1\Tabea\ANWEND~1\Google
2007-04-25 19:19 d-------- C:\DOKUME~1\Tabea\ANWEND~1\McAfee.com Personal Firewall
2007-04-25 19:18 786,432 --ah----- C:\DOKUME~1\Tabea\ntuser.dat
2007-04-25 19:18 dr-h----- C:\DOKUME~1\Tabea\Anwendungsdaten
2007-04-25 19:18 dr------- C:\DOKUME~1\Tabea\Startmen
2007-04-25 19:18 dr------- C:\DOKUME~1\Tabea\Favoriten
2007-04-25 19:18 dr------- C:\DOKUME~1\Tabea\Eigene Dateien
2007-04-25 19:18 d--h----- C:\DOKUME~1\Tabea\Vorlagen
2007-04-25 19:18 d--h----- C:\DOKUME~1\Tabea\Netzwerkumgebung
2007-04-25 19:18 d--h----- C:\DOKUME~1\Tabea\Lokale Einstellungen
2007-04-25 19:18 d--h----- C:\DOKUME~1\Tabea\Druckumgebung
2007-04-25 19:18 d--h----- C:\DOKUME~1\Tabea\ANWEND~1\Gtek
2007-04-25 19:18 d-------- C:\DOKUME~1\LOCALS~1\ANWEND~1\McAfee.com Personal Firewall
2007-04-25 16:03 d-------- C:\WINDOWS\system32\PreInstall
2007-04-25 16:02 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\Google
2007-04-25 14:51 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Google
2007-04-25 14:50 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-04-25 14:50 d-------- C:\WINDOWS\system32\LogFiles
2007-04-25 12:28 1,572,864 --ah----- C:\DOKUME~1\GabriEle\NTUSER.DAT
2007-04-25 12:28 dr-h----- C:\DOKUME~1\GabriEle\Anwendungsdaten
2007-04-25 12:28 dr------- C:\DOKUME~1\GabriEle\Startmen
2007-04-25 12:28 dr------- C:\DOKUME~1\GabriEle\Favoriten
2007-04-25 12:28 dr------- C:\DOKUME~1\GabriEle\Eigene Dateien
2007-04-25 12:28 d--h----- C:\DOKUME~1\GabriEle\Vorlagen
2007-04-25 12:28 d--h----- C:\DOKUME~1\GabriEle\Netzwerkumgebung
2007-04-25 12:28 d--h----- C:\DOKUME~1\GabriEle\Lokale Einstellungen
2007-04-25 12:28 d--h----- C:\DOKUME~1\GabriEle\Druckumgebung
2007-04-25 12:28 d--h----- C:\DOKUME~1\GabriEle\ANWEND~1\Gtek
2007-04-25 12:28 d-------- C:\DOKUME~1\GabriEle\ANWEND~1\McAfee.com Personal Firewall
2007-04-25 12:22 262,144 --a------ C:\DOKUME~1\ALLUSE~1\NTUSER.DAT
2007-04-19 12:27 d--hs---- C:\RECYCLER
2007-04-19 12:26 d-a------ C:\DOKUME~1\ALLUSE~1\ANWEND~1\TEMP
2007-04-19 12:24 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-04-19 12:24 198,144 --a------ C:\WINDOWS\system32\_psisdecd.dll
2007-04-19 12:24 1,047,552 --a------ C:\WINDOWS\system32\MFC71u.dll
2007-04-19 12:24 d-------- C:\Programme\CyberLink
2007-04-19 12:24 d-------- C:\MDT
2007-04-19 12:24 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Dell
2007-04-19 12:24 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\CyberLink
2007-04-19 12:23 d--h----- C:\DOKUME~1\DEFAUL~1\ANWEND~1\Gtek
2007-04-19 12:23 d-------- C:\Programme\Google
2007-04-19 12:23 d-------- C:\Programme\Dell Support
2007-04-19 12:23 d-------- C:\Programme\BAE
2007-04-19 12:23 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\GTek
2007-04-19 12:22 9,216 --a------ C:\WINDOWS\system32\MpfApi.dll
2007-04-19 12:22 80,640 --a------ C:\WINDOWS\system32\drivers\MpFirewall.sys
2007-04-19 12:22 d-------- C:\Programme\McAfee
2007-04-19 12:22 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\McAfee.com Personal Firewall
2007-04-19 12:22 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\McAfee
2007-04-19 12:21 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\McAfee.com
2007-04-19 12:19 98,358 --a------ C:\WINDOWS\dla.exe
2007-04-19 12:19 87,488 --a------ C:\WINDOWS\system32\drivers\drvmcdb.sys
2007-04-19 12:19 61,498 --a------ C:\WINDOWS\system32\tfswapi.dll
2007-04-19 12:19 5,627 --a------ C:\WINDOWS\system32\drivers\sscdbhk5.sys
2007-04-19 12:19 40,480 --a------ C:\WINDOWS\system32\drivers\drvnddm.sys
2007-04-19 12:19 349,760 --a------ C:\WINDOWS\system32\mcinsctl.dll
2007-04-19 12:19 288,320 --a------ C:\WINDOWS\system32\mcgdmgr.dll
2007-04-19 12:19 23,545 --a------ C:\WINDOWS\system32\drivers\ssrtln.sys
2007-04-19 12:19 d-------- C:\WINDOWS\system32\dla
2007-04-19 12:19 d-------- C:\Programme\McAfee.com
2007-04-19 12:19 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\InstallShield
2007-04-19 12:18 d-------- C:\Programme\Sonic
2007-04-19 12:18 d-------- C:\Programme\Gemeinsame Dateien\TiVo Shared
2007-04-19 12:18 d-------- C:\Programme\Gemeinsame Dateien\Sonic Shared
2007-04-19 12:17 d-------- C:\Programme\Dell Network Assistant
2007-04-19 12:16 d-------- C:\Programme\Gemeinsame Dateien\Corel
2007-04-19 12:16 d-------- C:\Programme\Corel
2007-04-19 12:16 d-------- C:\My Music
2007-04-19 12:16 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Corel
2007-04-19 12:15 53,248 --a------ C:\WINDOWS\system32\DellSys.dll
2007-04-19 12:15 17,153 --a------ C:\WINDOWS\system32\drivers\omci.sys
2007-04-19 12:15 d-------- C:\Programme\Microsoft Works
2007-04-19 12:15 d-------- C:\Programme\Creative
2007-04-19 12:14 89,088 --a------ C:\WINDOWS\system32\ATL71.DLL
2007-04-19 12:14 86,016 --a------ C:\WINDOWS\system32\preflib.dll
2007-04-19 12:14 770,048 --a------ C:\WINDOWS\system32\BCMLogon.dll
2007-04-19 12:14 757,760 --a------ C:\WINDOWS\system32\bcm1xsup.dll
2007-04-19 12:14 69,632 --a------ C:\WINDOWS\system32\bcmwlpkt.dll
2007-04-19 12:14 499,712 --a------ C:\WINDOWS\system32\MSVCP71.DLL
2007-04-19 12:14 44,032 --a------ C:\WINDOWS\system32\wltrynt.dll
2007-04-19 12:14 348,160 --a------ C:\WINDOWS\system32\MSVCR71.DLL
2007-04-19 12:14 33,664 --a------ C:\WINDOWS\system32\drivers\BCMWLNPF.SYS
2007-04-19 12:14 253,952 --a------ C:\WINDOWS\system32\bcmwlu00.exe
2007-04-19 12:14 20,480 --a------ C:\WINDOWS\system32\WLTRYSVC.EXE
2007-04-19 12:14 2,129,920 --a------ C:\WINDOWS\system32\WLBCGCBPRO731.DLL
2007-04-19 12:14 16,128 --a------ C:\WINDOWS\system32\drivers\APPDRV.SYS
2007-04-19 12:14 1,392,640 --a------ C:\WINDOWS\system32\WLTRAY.EXE
2007-04-19 12:14 1,253,376 --a------ C:\WINDOWS\system32\BCMWLTRY.EXE
2007-04-19 12:14 1,060,864 --a------ C:\WINDOWS\system32\MFC71.DLL
2007-04-19 12:14 d--h----- C:\Programme\InstallShield Installation Information
2007-04-19 12:14 d-------- C:\WINDOWS\Downloaded Installations
2007-04-19 12:14 d-------- C:\Programme\NetWaiting
2007-04-19 12:14 d-------- C:\Programme\Modem Helper
2007-04-19 12:14 d-------- C:\Programme\Digital Line Detect
2007-04-19 12:14 d-------- C:\Programme\Dell
2007-04-19 12:14 d-------- C:\Programme\Broadcom
2007-04-19 12:13 94,299 --a------ C:\WINDOWS\system32\SynTPAPI.dll
2007-04-19 12:13 82,014 --a------ C:\WINDOWS\system32\SynCOM.dll
2007-04-19 12:13 81,920 --a------ C:\WINDOWS\system32\SynTPCo2.dll
2007-04-19 12:13 69,723 --a------ C:\WINDOWS\system32\SynTPFcs.dll
2007-04-19 12:13 191,872 --a------ C:\WINDOWS\system32\drivers\SynTP.sys
2007-04-19 12:13 114,688 --a------ C:\WINDOWS\system32\SynCtrl.dll
2007-04-19 12:13 d-------- C:\Programme\Synaptics
2007-04-19 12:13 d-------- C:\Programme\Gemeinsame Dateien\InstallShield
2007-04-19 12:12 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-19 12:12 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-19 12:12 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-19 12:12 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-19 12:12 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-19 12:12 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-19 12:12 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-19 12:12 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-19 12:12 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-19 12:12 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-19 12:12 282,624 --a------ C:\WINDOWS\stsystra.exe
2007-04-19 12:12 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-19 12:12 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-19 12:12 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-19 12:12 1,052,672 --a------ C:\WINDOWS\system32\stlang.dll
2007-04-19 12:12 d-------- C:\Programme\Sigmatel
2007-04-19 12:12 d-------- C:\Programme\CONEXANT
2007-04-19 12:11 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-04-19 12:11 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-04-19 12:10 28,672 --------- C:\WINDOWS\system32\verclsid.exe
2007-04-19 12:04 d--h----- C:\WINDOWS\$hf_mig$
2007-04-19 11:59 155,648 --a------ C:\WINDOWS\system32\igfxres.dll
2007-04-19 11:54 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-19 11:53 8,832 --a------ C:\WINDOWS\system32\drivers\wmiacpi.sys
2007-04-19 11:53 61,056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2007-04-19 11:53 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-04-19 11:53 53,248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys
2007-04-19 11:52 9,344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-04-19 11:52 16,256 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-04-19 11:52 14,080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys
2007-04-19 11:48 98,304 --a------ C:\WINDOWS\system32\igfxtray.exe
2007-04-19 11:48 94,208 --a------ C:\WINDOWS\system32\igfxext.exe
2007-04-19 11:48 899,196 --a------ C:\WINDOWS\system32\ialmdd5.dll
2007-04-19 11:48 86,016 --a------ C:\WINDOWS\system32\mdmxsdk.dll
2007-04-19 11:48 86,016 --a------ C:\WINDOWS\system32\igfxdo.dll
2007-04-19 11:48 77,824 --a------ C:\WINDOWS\system32\hkcmd.exe
2007-04-19 11:48 73,728 --a------ C:\WINDOWS\system32\hccutils.dll
2007-04-19 11:48 717,952 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2007-04-19 11:48 61,440 --a------ C:\WINDOWS\system32\iAlmCoIn_v4446.dll
2007-04-19 11:48 604,928 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS
2007-04-19 11:48 57,344 --a------ C:\WINDOWS\system32\igfxsrvc.dll
2007-04-19 11:48 524,288 --a------ C:\WINDOWS\system32\igldev32.dll
2007-04-19 11:48 49,152 --a------ C:\WINDOWS\system32\ialmrem.dll
2007-04-19 11:48 450,560 --a------ C:\WINDOWS\system32\igfxcfg.exe
2007-04-19 11:48 44,544 --a------ C:\WINDOWS\system32\drivers\bcm4sbxp.sys
2007-04-19 11:48 40,960 --a------ C:\WINDOWS\system32\igfxexps.dll
2007-04-19 11:48 36,992 --a------ C:\WINDOWS\system32\ialmrnt5.dll
2007-04-19 11:48 214,748 --a------ C:\WINDOWS\system32\ialmdev5.dll
2007-04-19 11:48 201,600 --a------ C:\WINDOWS\system32\drivers\HSFHWAZL.sys
2007-04-19 11:48 2,310,144 --a------ C:\WINDOWS\system32\iglicd32.dll
2007-04-19 11:48 159,744 --a------ C:\WINDOWS\system32\igfxsrvc.exe
2007-04-19 11:48 147,456 --a------ C:\WINDOWS\system32\igfxpph.dll
2007-04-19 11:48 139,264 --a------ C:\WINDOWS\system32\igfxdev.dll
2007-04-19 11:48 13,059 --a------ C:\WINDOWS\system32\drivers\mdmxsdk.sys
2007-04-19 11:48 119,933 --a------ C:\WINDOWS\system32\ialmdnt5.dll
2007-04-19 11:48 118,784 --a------ C:\WINDOWS\system32\igfxpers.exe
2007-04-19 11:48 114,688 --a------ C:\WINDOWS\system32\igfxzoom.exe
2007-04-19 11:48 110,592 --a------ C:\WINDOWS\system32\uci100.dll
2007-04-19 11:48 1,503,232 --a------ C:\WINDOWS\system32\igfxress.dll
2007-04-19 11:48 1,364,574 --a------ C:\WINDOWS\system32\drivers\ialmnt5.sys
2007-04-19 11:48 1,035,008 --a------ C:\WINDOWS\system32\drivers\HSF_DPV.sys
2007-04-19 11:47 90,112 --a------ C:\WINDOWS\system32\snymsico.dll
2007-04-19 11:47 51,328 --a------ C:\WINDOWS\system32\drivers\rimsptsk.sys
2007-04-19 11:47 49,152 --a------ C:\WINDOWS\setpwrcg.exe
2007-04-19 11:47 307,968 --a------ C:\WINDOWS\system32\drivers\rixdptsk.sys
2007-04-19 11:47 28,544 --a------ C:\WINDOWS\system32\drivers\rimmptsk.sys
2007-04-19 11:47 208,896 --a------ C:\WINDOWS\system32\stacapi.dll
2007-04-19 11:47 16,480 --a------ C:\WINDOWS\system32\rixdicon.dll
2007-04-19 11:47 112,128 --a------ C:\WINDOWS\system32\staco.dll
2007-04-19 11:47 1,156,648 --a------ C:\WINDOWS\system32\drivers\sthda.sys
2007-04-19 11:47 d-------- C:\drivers

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-07 11:00:26 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\Corel
2007-05-07 08:50:53 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\McAfee.com Personal Firewall
2007-05-07 07:18:21 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\CyberLink
2007-05-07 06:23:51 -------- d-----w C:\Programme\microsoft frontpage
2007-05-07 06:18:29 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\Help
2007-05-06 23:07:38 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\WinAntiVirus Pro 2006
2007-05-03 20:08:05 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\AdobeUM
2007-04-30 12:37:51 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\Sonic
2007-04-30 12:37:15 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\Leadertech
2007-04-30 09:35:21 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\Microsoft Web Folders
2007-04-30 09:15:27 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\Template
2007-04-30 09:15:26 0 ----a-w C:\DOKUME~1\GabriEle\ANWEND~1.\wklnhst.dat
2007-04-30 08:54:21 64,848 ----a-w C:\WINDOWS\system32\perfc007.dat
2007-04-30 08:54:21 393,086 ----a-w C:\WINDOWS\system32\perfh007.dat
2007-04-25 14:02:25 -------- d-----w C:\DOKUME~1\GabriEle\ANWEND~1.\Google
2007-04-25 12:26:25 -------- d-----w C:\Programme\Online-Dienste
2007-04-19 10:23:52 -------- d--h--w C:\DOKUME~1\GabriEle\ANWEND~1.\Gtek
2007-03-17 13:44:25 293,376 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-08 15:36:30 579,072 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:30 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:30 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 15:32:24 1,843,712 ----a-w C:\WINDOWS\system32\win32k.sys

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
"{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"="C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll"
"{41D68ED8-4CFF-4115-88A6-6EBB8AF19000}"="c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll"
"{5CA3D70E-1895-11CF-8E15-001234567890}"="C:\WINDOWS\system32\dla\tfswshx.dll"
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"="C:\Programme\Java\jre1.5.0_06\bin\ssv.dll"
"{7DB2D5A0-7241-4E79-B68D-6309F01C5231}"="c:\programme\mcafee\virusscan\scriptcl.dll"
"{CA6319C0-31B7-401E-A518-A07C3DB8F777}"="C:\Programme\BAE\BAE.dll"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
"SunJavaUpdateSched"="C:\\Programme\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"SigmatelSysTrayApp"="stsystra.exe"
"SynTPEnh"="C:\\Programme\\Synaptics\\SynTP\\SynTPEnh.exe"
"Dell QuickSet"="C:\\Programme\\Dell\\QuickSet\\quickset.exe"
"Broadcom Wireless Manager UI"="C:\\WINDOWS\\system32\\WLTRAY.exe"
"CTSVolFE.exe"="\"C:\\Programme\\Creative\\Mixer\\CTSVolFE.exe\" /r"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ISUSPM Startup"="C:\\PROGRA~1\\GEMEIN~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Programme\\Gemeinsame Dateien\\InstallShield\\UpdateService\\issch.exe\" -start"
"MSKDetectorExe"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"ECenter"="\"c:\\dell\\E-Center\\EULALauncher.exe\""
"PCMService"="\"C:\\Programme\\Dell\\MediaDirect\\PCMService.exe\""
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"Corel Photo Downloader"="C:\\Programme\\Corel\\Corel Snapfire Plus\\Corel Photo Downloader.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"ModemOnHold"="C:\\Programme\\NetWaiting\\netwaiting.exe"
"DellSupport"="\"C:\\Programme\\Dell Support\\DSAgnt.exe\" /startup"
"MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages msv1_0\0\0
Security Packages kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages scecli\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter HTTPFilter\0\0
LocalService Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService DnsCache\0\0
DcomLaunch DcomLaunch\0TermService\0\0
rpcss RpcSs\0\0
imgsvc StiSvc\0\0
termsvcs TermService\0\0

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCAFEE_HACKERWATCH_SERVICE
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCMISPUPDMGR
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCMSCSVC
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCNASVC
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCODS
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCPROMGR
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCREDIRECTOR
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MCSYSMON
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_MFESMFK

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-07 16:06:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 2007-05-07 16:06:51
C:\ComboFix-quarantined-files.txt ... 2007-05-07 16:06