Deckard's System Scanner v20071014.68 Run by Schnudels on 2008-07-20 10:36:09 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as Schnudels.exe) ------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:36:11, on 20.07.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\alg.exe C:\Programme\iPod\bin\iPodService.exe C:\PROGRA~1\GEMEIN~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\WINDOWS\Explorer.EXE C:\Programme\Java\jre1.6.0_05\bin\jusched.exe C:\Programme\Analog Devices\Core\smax4pnp.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Programme\CyberLink\PowerDVD\PDVDServ.exe C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe C:\Programme\Samsung\DisplayManager\DisplayManager.exe C:\Programme\SAMSUNG\MagicKBD\MagicKBD.exe C:\Programme\SAMSUNG\FW LiveUpdate\FWManager.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe C:\Programme\QuickTime\QTTask.exe C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe C:\Programme\Logitech\QuickCam\Quickcam.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Microsoft ActiveSync\wcescomm.exe C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Programme\Logitech\SetPoint\SetPoint.exe C:\Programme\Fujitsu Siemens\WinManager\WinManager.exe C:\Programme\Hardcopy\hardcopy.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Programme\Gemeinsame Dateien\Logitech\KhalShared\KHALMNPR.EXE C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe C:\1_HANS-JÖRG\Web-Downloads\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\SCHNUD~1.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pressespiegel.metacommunication.com/custom/siemens/content.aspx R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\GEMEIN~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAShCut.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [MagicKeyboard] C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe O4 - HKLM\..\Run: [DisplayManager] C:\Programme\Samsung\DisplayManager\DMLoader.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [BatteryManager] C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Name of App] C:\Programme\SAMSUNG\FW LiveUpdate\FWManager.exe r O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton AntiVirus\osCheck.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programme\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0 O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AnyDVD] "C:\Programme\SlySoft\AnyDVD\AnyDVD.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe" O4 - HKLM\..\Policies\Explorer\Run: [SystemManager] C:\WINDOWS\system32\systemprop.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Hardcopy.LNK = C:\Programme\Hardcopy\hardcopy.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: WinManager.lnk = C:\Programme\Fujitsu Siemens\WinManager\WinManager.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programme\Yahoo!\Common\Yinsthelper.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Samsung Update Plus - Unknown owner - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe O23 - Service: SNM WLAN Service - Unknown owner - C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\GEMEIN~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe -- End of file - 11756 bytes -- Files created between 2008-06-20 and 2008-07-20 ----------------------------- 2008-07-20 08:09:14 0 d-------- C:\Programme\Trend Micro 2008-07-19 10:22:24 0 d-------- C:\Dokumente und Einstellungen\Schnudels\.thumbnails 2008-07-19 10:19:39 0 d-------- C:\Dokumente und Einstellungen\Schnudels\.gimp-2.4 2008-07-19 10:18:55 0 d-------- C:\Programme\GIMP-2.0 2008-06-22 12:09:48 0 d-------- C:\Programme\Zattoo -- Find3M Report --------------------------------------------------------------- 2008-07-20 08:34:22 469 --a------ C:\Dokumente und Einstellungen\Schnudels\Anwendungsdaten\SamsungLiveUpdateConfig.ini 2008-07-19 10:22:34 0 d-------- C:\Dokumente und Einstellungen\Schnudels\Anwendungsdaten\gtk-2.0 2008-07-18 00:37:00 0 d-------- C:\Programme\Gemeinsame Dateien\Symantec Shared 2008-06-25 09:54:45 0 d-------- C:\Dokumente und Einstellungen\Schnudels\Anwendungsdaten\Mozilla 2008-06-03 08:21:00 0 d-------- C:\Programme\Symantec 2008-06-01 23:17:57 0 d-------- C:\Programme\Microsoft.NET 2008-06-01 22:50:43 410608 --a------ C:\WINDOWS\system32\perfh007.dat 2008-06-01 22:50:43 72862 --a------ C:\WINDOWS\system32\perfc007.dat 2008-05-25 21:20:41 0 d-------- C:\Dokumente und Einstellungen\Schnudels\Anwendungsdaten\FDRLab 2008-05-25 21:20:40 0 d-------- C:\Programme\FDRLab 2008-05-22 21:34:32 0 d-------- C:\Programme\Gemeinsame Dateien 2008-05-22 13:57:38 2528 --a------ C:\Dokumente und Einstellungen\Schnudels\Anwendungsdaten\$_hpcst$.hpc 2008-05-22 13:55:36 0 d-------- C:\Programme\Microsoft ActiveSync 2008-05-22 10:45:53 0 d-------- C:\Programme\Fujitsu Siemens 2008-05-22 09:31:58 0 d--h----- C:\Programme\InstallShield Installation Information -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] 31.01.2008 23:06 116088 --a------ C:\PROGRA~1\GEMEIN~1\SYMANT~1\IDS\IPSBHO.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 04:25] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [08.12.2005 19:53] "nwiz"="nwiz.exe" [08.12.2005 19:53 C:\WINDOWS\system32\nwiz.exe] "Verknüpfung mit der High Definition Audio-Eigenschaftenseite"="HDAShCut.exe" [07.01.2005 17:07 C:\WINDOWS\system32\HdAShCut.exe] "SoundMAXPnP"="C:\Programme\Analog Devices\Core\smax4pnp.exe" [20.05.2005 17:11] "SoundMAX"="C:\Programme\Analog Devices\SoundMAX\Smax4.exe" [26.07.2005 08:54] "SynTPLpr"="C:\Programme\Synaptics\SynTP\SynTPLpr.exe" [19.05.2006 15:52] "SynTPEnh"="C:\Programme\Synaptics\SynTP\SynTPEnh.exe" [19.05.2006 15:51] "AGRSMMSG"="AGRSMMSG.exe" [12.12.2005 23:50 C:\WINDOWS\AGRSMMSG.exe] "MagicKeyboard"="C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe" [11.04.2005 13:01] "DisplayManager"="C:\Programme\Samsung\DisplayManager\DMLoader.exe" [16.11.2005 11:13] "RemoteControl"="C:\Programme\CyberLink\PowerDVD\PDVDServ.exe" [02.11.2004 20:24] "BatteryManager"="C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe" [25.04.2006 14:05] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 12:50] "Name of App"="C:\Programme\SAMSUNG\FW LiveUpdate\FWManager.exe" [07.07.2008 13:12 C:\Programme\SAMSUNG\FW LiveUpdate\FWManager.exe] "ccApp"="C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" [31.01.2008 14:15] "osCheck"="C:\Programme\Norton AntiVirus\osCheck.exe" [24.08.2007 22:53] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11.04.2007 16:32 C:\WINDOWS\KHALMNPR.Exe] "QuickTime Task"="C:\Programme\QuickTime\QTTask.exe" [01.02.2008 00:13] "iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [19.02.2008 14:10] "LogitechCommunicationsManager"="C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe" [25.10.2007 17:33 C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe] "LogitechQuickCamRibbon"="C:\Programme\Logitech\QuickCam\Quickcam.exe" [25.10.2007 17:37] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04.08.2004 14:00] "updateMgr"="C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [22.11.2004 08:18] "MSMSGS"="C:\Programme\Messenger\msmsgs.exe" [13.10.2004 18:24] "AnyDVD"="C:\Programme\SlySoft\AnyDVD\AnyDVD.exe" [27.03.2008 10:54] "H/PC Connection Agent"="C:\Programme\Microsoft ActiveSync\wcescomm.exe" [13.11.2006 13:50] C:\Dokumente und Einstellungen\Schnudels\Startmen\Programme\Autostart\ Hardcopy.LNK - C:\Programme\Hardcopy\hardcopy.exe [01.05.2006 09:05:06] C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\ Adobe Gamma Loader.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe [26.10.2006 20:18:45] BTTray.lnk - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe [02.12.2005 14:30:42] Logitech Desktop Messenger.lnk - C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [12.02.2008 14:41:13] Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe [12.02.2008 14:22:37] WinManager.lnk - C:\Programme\Fujitsu Siemens\WinManager\WinManager.exe [22.05.2008 10:45:31] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run] "SystemManager"=C:\WINDOWS\system32\systemprop.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="C:\Programme\Messenger\msmsgs.exe" /background "LDM"=C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="C:\Programme\QuickTime\qttask.exe" -atboottime "RestoreIT!"="C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart "TkBellExe"="C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot -- End of Deckard's System Scanner: finished at 2008-07-20 10:36:32 ------------