Deckard's System Scanner v20071014.68 Run by Andrea on 2008-06-11 09:06:34 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 66: 2008-06-11 07:06:44 UTC - RP181 - Deckard's System Scanner Restore Point 65: 2008-06-10 18:55:11 UTC - RP180 - Software Distribution Service 3.0 64: 2008-06-10 04:56:25 UTC - RP179 - Systemprüfpunkt 63: 2008-06-09 04:26:57 UTC - RP178 - Systemprüfpunkt 62: 2008-06-07 19:13:56 UTC - RP177 - ComboFix created restore point -- First Restore Point -- 1: 2008-03-14 19:16:50 UTC - RP116 - Systemprüfpunkt Backed up registry hives. Performed disk cleanup. [color=red]Total Physical Memory: 510 MiB (512 MiB recommended).[/color] -- HijackThis (run as Andrea.exe) ---------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:07:30, on 11.6.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\AVPersonal\AVGUARD.EXE C:\Programme\AVPersonal\AVWUPSRV.EXE C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Programme\Spyware Terminator\sp_rsser.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\system32\hkcmd.exe C:\Programme\Java\jre1.6.0_05\bin\jusched.exe C:\PROGRA~1\T-Online\KINDER~1\TO_KSSW.exe C:\WINDOWS\tsnp325.exe C:\WINDOWS\vsnp325.exe C:\Programme\AVPersonal\AVGNT.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Dokumente und Einstellungen\Andrea\Desktop\dss.exe C:\DOKUME~1\Andrea\Desktop\HIJACK~1\Andrea.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60429 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60429 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\Toolbar\ctbr.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\Toolbar\ctbr.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [T-Online Kinderschutz-Software] "C:\PROGRA~1\T-Online\KINDER~1\TO_KSSW.exe" O4 - HKLM\..\Run: [tsnpstd325] C:\WINDOWS\tsnp325.exe O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\kslsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\kslsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\kslsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\kslsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\kslsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\kslsp.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198856510328 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1198856601703 O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programme\Crawler\Toolbar\ctbr.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programme\Spyware Terminator\sp_rsser.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe -- End of file - 8841 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 BsStor (InCD Storage Helper Driver) - c:\windows\system32\drivers\bsstor.sys R0 Teefer (Teefer for NT) - c:\windows\system32\drivers\teefer.sys R1 OMCI - c:\windows\system32\drivers\omci.sys R1 sp_rsdrv2 (Spyware Terminator Driver 2) - c:\windows\system32\drivers\sp_rsdrv2.sys R1 ssmdrv - c:\windows\system32\drivers\ssmdrv.sys R1 wpsdrvnt - c:\windows\system32\drivers\wpsdrvnt.sys R2 BsUDF (InCD UDF Driver) - c:\windows\system32\drivers\bsudf.sys R2 wg3n (SyGate for NT, wg3n) - c:\windows\system32\drivers\wg3n.sys R3 avgntdd - c:\programme\avpersonal\avgntdd.sys R3 SNP325 (USB PC Camera (SNPSTD325)) - c:\windows\system32\drivers\snp325.sys S3 cmuda (C-Media WDM Audio Interface) - c:\windows\system32\drivers\cmuda.sys S3 EverestDriver (Lavalys EVEREST Kernel Driver) - c:\programme\lavalys\everest home edition\kerneld.wnt -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AVWUpSrv (AntiVir Update) - c:\programme\avpersonal\avwupsrv.exe R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\programme\spyware terminator\sp_rsser.exe" S3 TUWinStylerThemeSvc (TuneUp WinStyler Theme Service) - "c:\programme\tuneup utilities 2004\winstylerthemesvc.exe" -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Ethernet-Controller Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3B1CAF2B&0&48F0 Manufacturer: Name: Ethernet-Controller PNP Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&3B1CAF2B&0&48F0 Service: Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318} Description: SoundMAX Integrated Digital Audio Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_01601028&REV_01\3&172E68DD&0&FD Manufacturer: Analog Devices, Inc. Name: SoundMAX Integrated Digital Audio PNP Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_01601028&REV_01\3&172E68DD&0&FD Service: Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Microsoft Tun-Miniportadapter Device ID: ROOT\NET\0002 Manufacturer: Microsoft Name: Microsoft Tun-Miniportadapter #2 PNP Device ID: ROOT\NET\0002 Service: tunmp -- Scheduled Tasks ------------------------------------------------------------- 2008-06-10 06:25:00 252 --a------ C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job 2008-05-16 17:15:00 402 --a------ C:\WINDOWS\Tasks\1-Klick-Wartung.job -- Files created between 2008-05-11 and 2008-06-11 ----------------------------- 2008-06-07 21:23:53 0 d-------- C:\327882R2FWJFW 2008-06-07 21:13:45 68096 --a------ C:\WINDOWS\zip.exe 2008-06-07 21:13:45 49152 --a------ C:\WINDOWS\VFind.exe 2008-06-07 21:13:45 212480 --a------ C:\WINDOWS\swxcacls.exe 2008-06-07 21:13:45 136704 --a------ C:\WINDOWS\swsc.exe 2008-06-07 21:13:45 161792 --a------ C:\WINDOWS\swreg.exe 2008-06-07 21:13:45 98816 --a------ C:\WINDOWS\sed.exe 2008-06-07 21:13:45 80412 --a------ C:\WINDOWS\grep.exe 2008-06-07 21:13:45 89504 --a------ C:\WINDOWS\fdsv.exe 2008-06-07 17:19:58 0 dr-h----- C:\Dokumente und Einstellungen\Andrea\Recent 2008-06-07 17:19:12 0 d-------- C:\Programme\CCleaner 2008-06-07 16:43:27 0 d-------- C:\Programme\AVPersonal 2008-06-07 16:02:57 0 d--h----- C:\Dokumente und Einstellungen\yvonne\Druckumgebung 2008-06-07 16:02:57 0 d-------- C:\Dokumente und Einstellungen\yvonne\Desktop 2008-06-07 16:02:57 0 d-------- C:\Dokumente und Einstellungen\yvonne\Application Data 2008-06-07 16:02:57 0 d-------- C:\Dokumente und Einstellungen\yvonne\Application Data\Spyware Terminator 2008-06-07 16:02:57 0 dr-h----- C:\Dokumente und Einstellungen\yvonne\Anwendungsdaten 2008-06-07 16:02:56 0 d--h----- C:\Dokumente und Einstellungen\yvonne\Vorlagen 2008-06-07 16:02:56 0 dr------- C:\Dokumente und Einstellungen\yvonne\Startmenü 2008-06-07 16:02:56 0 dr-h----- C:\Dokumente und Einstellungen\yvonne\SendTo 2008-06-07 16:02:56 0 dr-h----- C:\Dokumente und Einstellungen\yvonne\Recent 2008-06-07 16:02:56 0 d--h----- C:\Dokumente und Einstellungen\yvonne\Lokale Einstellungen 2008-06-07 14:37:05 0 d-------- C:\RECYCLER(2) 2008-05-21 21:34:33 9344 -----n--- C:\WINDOWS\system32\drivers\bsstor.sys 2008-05-21 21:34:32 389504 -----n--- C:\WINDOWS\system32\drivers\bsudf.sys 2008-05-21 21:34:23 155648 -ra------ C:\WINDOWS\system32\NeroCheck.exe 2008-05-21 21:34:19 0 d-------- C:\Programme\Ahead -- Find3M Report --------------------------------------------------------------- 2008-06-07 16:08:56 0 d-------- C:\Programme\ICQ6 2008-06-07 13:23:13 0 d-------- C:\Programme\ICQToolbar 2008-05-22 11:00:28 0 d-------- C:\Programme\Spyware Terminator 2008-04-17 10:29:38 0 d-------- C:\Programme\Java 2008-04-17 10:25:54 0 d-------- C:\Programme\Microsoft Silverlight 2008-04-17 10:12:18 0 d-------- C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\Google 2008-04-17 10:12:03 0 d-------- C:\Dokumente und Einstellungen\Andrea\Anwendungsdaten\ICQ Toolbar 2008-03-30 08:50:18 316594 --a------ C:\WINDOWS\system32\perfh007.dat 2008-03-30 08:50:18 48156 --a------ C:\WINDOWS\system32\perfc007.dat -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"="cmicnfg.cpl" [] "CM-SmWizard"="C:\WINDOWS\System\SmWizard.exe" [29.08.2003 13:02] "ISUSPM Startup"="C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [17.02.2005 08:15] "ISUSScheduler"="C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" [17.02.2005 08:15] "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [24.02.2004 17:35] "SpywareTerminator"="C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe" [28.12.2007 15:56] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [23.01.2005 11:36] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [23.01.2005 11:31] "TkBellExe"="C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [28.12.2007 16:15] "Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10.10.2007 20:51] "SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 04:25] "T-Online Kinderschutz-Software"="C:\PROGRA~1\T-Online\KINDER~1\TO_KSSW.exe" [07.08.2007 18:28] "tsnpstd325"="C:\WINDOWS\tsnp325.exe" [10.10.2006 16:49] "snp325"="C:\WINDOWS\vsnp325.exe" [10.10.2006 15:11] "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 12:50] "AVGCtrl"="C:\Programme\AVPersonal\AVGNT.exe" [17.09.2003 19:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04.08.2004 09:57] "swg"="C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [02.01.2008 14:24] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] "C:\Programme\ICQ6\ICQ.exe" silent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD] C:\Programme\Ahead\InCD\InCD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "T-Online Kinderschutz-Software"="C:\Programme\T-Online\Kinderschutz-Software_2\TO_KSSW.exe" "CameraFixer"=C:\WINDOWS\CameraFixer.exe -- End of Deckard's System Scanner: finished at 2008-06-11 09:08:24 ------------