Home » Spyware & Browser Hijacker Support Forum » Etwas im System eingefangen? » Themenansicht

Etwas im System eingefangen?
#0
13.11.2006, 19:29
Sephiz
...neu hier

Beiträge: 4
#1 Ich habe das Gefühl, dass sich bei mir "irgendwas" eingeschlichen hat:


Logfile of HijackThis v1.99.1
Scan saved at 18:53:14, on 13.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0007)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Web.de\adminsvc.exe
C:\Programme\BlueTooth\HidSwitchService\HidSw.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Programme\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Dell\QuickSet\Quickset.exe
C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Programme\Microsoft Office\Office\FINDFAST.EXE
C:\Programme\Microsoft Office\Office\OSA.EXE
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Downloads\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.web.de/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Programme\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Extender-Ressourcenüberwachung.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm
O8 - Extra context menu item: RF - Formular ausfüllen - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RF - Formular speichern - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF - Menü anpassen - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20060912/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/kavwebscan_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://mvt.mcafee.com/mvt/bin/3,0,1,0/mvt.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Web.de Browser Update (AdminSVC) - hablamax - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Web.de\adminsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Bluetooth Hid Switch Service - Cambridge Silicon Radio - C:\Programme\BlueTooth\HidSwitchService\HidSw.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programme\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe



COMBOFIX:

Sephiz - 06-11-13 19:19:16.95 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Dokumente und Einstellungen\Sephiz\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-10-13 to 2006-11-13 ))))))))))))))))))))))))))))))))))


2006-11-12 19:08 77,824 --a------ C:\WINDOWS\system32\DBSynchClient.dll
2006-11-12 19:08 26,384 --a------ C:\WINDOWS\system32\fm20ENU.DLL
2006-11-12 19:07 36,864 --a------ C:\WINDOWS\system32\Authenticator.dll
2006-11-12 12:14 495,616 --a------ C:\WINDOWS\SwSetupu.exe
2006-11-09 22:10 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
2006-11-09 22:09 2,566,736 --a------ C:\spywareblastersetup351.exe
2006-11-08 19:55 251,656 --a------ C:\jre-1_5_0_09-windows-i586-p-iftw.exe
2006-11-08 19:53 16,508,560 --a------ C:\jre-1_5_0_09-windows-i586-p.exe
2006-11-07 20:46 80,384 --a------ C:\WINDOWS\gamedelete.exe
2006-10-29 12:10 24,576 --a------ C:\WINDOWS\system32\STKIT432.DLL
2006-10-28 12:12 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2006-10-20 17:17 44,544 -ra------ C:\WINDOWS\system32\msxml4a.dll
2006-10-20 17:10 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-10-18 23:03 43,008 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 22:47 767,488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 22:47 656,896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 22:47 613,376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 22:47 317,440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 22:47 295,936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 22:47 284,160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 22:47 259,072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 22:47 259,072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 22:47 2,603,008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 22:47 199,168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 22:47 166,912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 22:47 133,632 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 22:47 132,096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 22:47 130,048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 22:47 101,888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 22:47 1,574,912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 22:47 1,543,680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 22:47 1,382,912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:00 17,408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-13 19:11 -------- d-------- C:\Programme\CleanUp!
2006-11-13 19:04 -------- d-------- C:\Programme\Mozilla Firefox
2006-11-13 18:58 -------- d-------- C:\Programme\PFConfig
2006-11-12 22:02 -------- d-------- C:\Programme\PeerGuardian2
2006-11-12 22:02 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\Free Download Manager
2006-11-12 19:10 -------- d-------- C:\Programme\Berlitz English
2006-11-12 19:08 -------- d--h----- C:\Programme\Uninstall Information
2006-11-12 19:08 -------- d-------- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2006-11-12 18:05 -------- d-------- C:\Programme\Yahoo!
2006-11-12 14:33 -------- d-------- C:\Programme\Trillian
2006-11-12 12:18 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\Help
2006-11-11 12:47 -------- d-------- C:\Programme\FlashGet
2006-11-11 12:38 -------- d-------- C:\Programme\Vidalia
2006-11-11 12:38 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\Vidalia
2006-11-11 12:36 -------- d-------- C:\Programme\CCleaner
2006-11-09 22:12 -------- d-------- C:\Programme\SpywareBlaster
2006-11-09 18:50 -------- d-------- C:\Programme\Privoxy
2006-11-08 20:14 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\Tor
2006-11-07 20:45 -------- d-------- C:\Programme\ASCII
2006-11-01 22:37 -------- d-------- C:\Programme\XPcleanV7
2006-11-01 18:26 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\vlc
2006-11-01 18:25 -------- d-------- C:\Programme\VideoLAN
2006-11-01 18:10 196 --a------ C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\G-Force Prefs (WindowsMediaPlayer).txt
2006-11-01 12:57 -------- d-------- C:\Programme\Gamers.IRC
2006-11-01 12:25 -------- d-------- C:\Programme\TraXEx
2006-11-01 11:36 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\phonostar-Player
2006-10-31 21:57 -------- d-------- C:\Programme\Windows Media Connect 2
2006-10-31 21:52 -------- d-------- C:\Programme\UPHClean
2006-10-31 20:09 -------- d-------- C:\Programme\Windows Media Player
2006-10-29 12:24 -------- d-------- C:\Programme\Registry Mechanic
2006-10-29 12:10 -------- d-------- C:\Programme\WinASO
2006-10-28 12:14 -------- d-------- C:\Programme\GetRight
2006-10-28 12:12 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2006-10-24 20:33 8282112 --a------ C:\WINDOWS\system32\wmploc.dll
2006-10-24 20:04 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-10-24 20:04 275968 --a------ C:\WINDOWS\system32\wmerror.dll
2006-10-24 20:02 8192 --a------ C:\WINDOWS\system32\asferror.dll
2006-10-21 23:05 -------- d-------- C:\Programme\QuickTime
2006-10-21 13:05 -------- d-------- C:\Programme\phonostar
2006-10-20 17:17 -------- d-------- C:\Programme\Internet Explorer
2006-10-20 17:17 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-10-20 17:07 -------- d-------- C:\Programme\Free Download Manager
2006-10-18 22:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 22:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 22:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 22:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 22:47 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 22:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 22:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 22:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 22:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 22:47 535040 --a------ C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 22:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 22:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 22:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 22:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 22:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 22:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 22:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 22:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 22:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 22:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 22:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 22:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 22:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 22:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 22:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 22:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 22:47 212992 --a------ C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 22:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 22:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 22:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 22:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 22:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 22:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 22:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 22:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 22:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 22:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 21:00 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2006-10-18 21:00 249856 --a------ C:\WINDOWS\system32\drmupgds.exe
2006-10-18 18:12 -------- d-------- C:\Programme\DVDFab Decrypter 3
2006-10-18 17:59 40 ---hs---- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\.zreglib
2006-10-13 19:40 -------- d-------- C:\Programme\Maxthon
2006-10-12 09:54 82432 -ra------ C:\WINDOWS\system32\msxml4r.dll
2006-10-12 09:54 1233920 -ra------ C:\WINDOWS\system32\msxml4.dll
2006-10-09 16:15 1669632 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-10-09 16:12 456192 --a------ C:\WINDOWS\system32\encdec.dll
2006-10-09 16:12 291840 --a------ C:\WINDOWS\system32\sbe.dll
2006-10-09 16:12 235008 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-10-08 12:29 20096 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys
2006-10-07 15:28 -------- d-------- C:\Programme\AtomixMP3
2006-10-05 19:18 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\Google
2006-10-05 19:17 -------- d--h----- C:\Programme\InstallShield Installation Information
2006-10-05 19:17 -------- d-------- C:\Programme\Google
2006-10-05 18:54 -------- d-------- C:\Programme\Native Instruments
2006-10-02 19:43 -------- d-------- C:\Programme\Canon
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 19:00 82944 --------- C:\WINDOWS\system32\drivers\WudfRd.sys
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe
2006-09-28 18:55 77568 --------- C:\WINDOWS\system32\drivers\WudfPf.sys
2006-09-25 17:58 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-09-24 16:22 -------- d-------- C:\Programme\TomTom HOME
2006-09-24 16:21 -------- d-------- C:\Dokumente und Einstellungen\Sephiz\Anwendungsdaten\InstallShield
2006-09-20 18:34 -------- d-------- C:\Programme\Microsoft Office
2006-09-18 18:36 -------- d-------- C:\Programme\AntiVir PersonalEdition Classic
2006-09-13 06:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-28 09:23 5906432 --------- C:\WINDOWS\system32\ieframe.dll
2006-08-28 09:23 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-08-28 09:23 457728 --------- C:\WINDOWS\system32\msfeeds.dll
2006-08-28 09:23 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-08-28 09:23 225792 --a------ C:\WINDOWS\system32\webcheck.dll
2006-08-28 09:23 175616 --------- C:\WINDOWS\system32\ieui.dll
2006-08-28 09:23 152064 --a------ C:\WINDOWS\system32\msls31.dll
2006-08-28 09:09 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-08-28 09:09 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-08-28 09:08 40448 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-08-28 09:08 105472 --a------ C:\WINDOWS\system32\url.dll
2006-08-28 09:08 100352 --a------ C:\WINDOWS\system32\occache.dll
2006-08-28 09:07 16896 --a------ C:\WINDOWS\system32\corpol.dll
2006-08-28 09:05 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-08-28 09:05 378368 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-08-28 09:05 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-08-28 09:05 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-08-28 09:04 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-08-28 09:04 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-08-28 09:04 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-08-28 09:04 122880 --a------ C:\WINDOWS\system32\advpack.dll
2006-08-28 09:04 11776 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-08-28 09:02 61440 --------- C:\WINDOWS\system32\icardie.dll
2006-08-28 09:02 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-08-28 09:01 35328 --a------ C:\WINDOWS\system32\imgutil.dll
2006-08-28 09:01 262656 --------- C:\WINDOWS\system32\iertutil.dll
2006-08-28 08:59 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-08-28 08:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-08-28 08:25 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-08-28 08:22 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-08-25 16:46 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 13:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 12:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WMPNSCFG"="C:\\Programme\\Windows Media Player\\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /installquiet"
"NVHotkey"="rundll32.exe nvHotkey.dll,Start"
"SunJavaUpdateSched"="C:\\Programme\\Java\\j2re1.4.2_03\\bin\\jusched.exe"
"SigmatelSysTrayApp"="stsystra.exe"
"SynTPEnh"="C:\\Programme\\Synaptics\\SynTP\\SynTPEnh.exe"
"Dell QuickSet"="C:\\Programme\\Dell\\QuickSet\\Quickset.exe"
"IntelZeroConfig"="\"C:\\Programme\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
"IntelWireless"="\"C:\\Programme\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ISUSPM Startup"="\"C:\\Programme\\Gemeinsame Dateien\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Programme\\Gemeinsame Dateien\\InstallShield\\UpdateService\\issch.exe\" -start"
"Acronis Scheduler2 Service"="\"C:\\Programme\\Gemeinsame Dateien\\Acronis\\Schedule2\\schedhlp.exe\""
"avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"RegistryMechanic"=""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,de,00,00,00,00,00,00,00,81,06,00,00,8a,04,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{553858A7-4922-4e7e-B1C1-97140C1C16EF}"="IE Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Bluetooth Manager.lnk]
"backup"="C:\\WINDOWS\\pss\\Bluetooth Manager.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Toshiba\\BLUETO~1\\TOSBTM~1.EXE "
"item"="Bluetooth Manager"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Digital Line Detect.lnk]
"backup"="C:\\WINDOWS\\pss\\Digital Line Detect.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\DIGITA~1\\DLG.exe "
"item"="Digital Line Detect"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Logitech Harmony Remote V5.lnk]
"backup"="C:\\WINDOWS\\pss\\Logitech Harmony Remote V5.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Logitech\\HARMON~1\\HARMON~1.EXE /Monitor /Vendor=logitech"
"item"="Logitech Harmony Remote V5"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Logitech Harmony-Fernbedienung.lnk]
"backup"="C:\\WINDOWS\\pss\\Logitech Harmony-Fernbedienung.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Logitech\\HARMON~1\\HARMON~1.EXE "
"item"="Logitech Harmony-Fernbedienung"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Office-Start.lnk]
"path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Office-Start.lnk"
"backup"="C:\\WINDOWS\\pss\\Office-Start.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~3\\Office\\OSA.EXE -b"
"item"="Office-Start"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TraXEx 3.1.lnk]
"backup"="C:\\WINDOWS\\pss\\TraXEx 3.1.lnkCommon Startup"
"location"="Common Startup"
"item"="TraXEx 3.1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^VLC360.lnk]
"location"="Common Startup"
"item"="VLC360"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TimounterMonitor"
"hkey"="HKLM"
"command"="C:\\Programme\\Acronis\\TrueImageHome\\TimounterMonitor.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bittorrent"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"C:\\Programme\\DAEMON Tools\\daemon.exe\" -lang 1033"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DVDLauncher"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BJPSMAIN"
"hkey"="HKLM"
"command"="C:\\Programme\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Language"
"hkey"="HKLM"
"command"="C:\\Programme\\CyberLink\\PowerDVD\\Language\\Language.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcagent"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcupdate"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MpfTray"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKAGENTEXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MskAgent"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSKDetct"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\Programme\\Gemeinsame Dateien\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="oasclnt"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ps_agent"
"hkey"="HKCU"
"command"="C:\\Programme\\phonostar\\ps_agent.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhonostarTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ps_timer"
"hkey"="HKCU"
"command"="C:\\Programme\\phonostar\\ps_timer.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RoboTaskBarIcon"
"hkey"="HKCU"
"command"="\"C:\\Programme\\Siber Systems\\AI RoboForm\\RoboTaskBarIcon.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Shareaza"
"hkey"="HKCU"
"command"="\"C:\\Programme\\Shareaza\\Shareaza.exe\" -tray"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TeaTimer"
"hkey"="HKCU"
"command"="C:\\Programme\\Spybot - Search & Destroy\\TeaTimer.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="steam"
"hkey"="HKCU"
"command"="\"c:\\programme\\valve\\steam\\steam.exe\" -silent"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME"
"hkey"="HKLM"
"command"="\"C:\\Programme\\TomTom HOME\\TomTomHOME.exe\" -s"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Transcode360]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Transcode360Tray"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TrueImageMonitor"
"hkey"="HKLM"
"command"="C:\\Programme\\Acronis\\TrueImageHome\\TrueImageMonitor.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcvsshld"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcmnhdlr"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINSWEEP Popupblocker]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WSPopup"
"hkey"="HKCU"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\ISP-Anmeldungserinnerung 1.job

Completion time: 06-11-13 19:19:47.23
C:\ComboFix.txt ... 06-11-13 19:19
C:\ComboFix2.txt ... 06-11-13 19:10


Wäre nett, wenn ihr mal schauen könntet.

Gruss
Sephiz
Seitenanfang Seitenende
14.11.2006, 00:34
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 scanne online mit panda oder ewido und poste den scanreport
http://virus-protect.org/onlinescan.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
14.11.2006, 20:07
Sephiz
...neu hier

Themenstarter

Beiträge: 4
#3 Und hier noch Ewido

__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________


Name: TrackingCookie.Adnet
Path: :mozilla.6:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adnet
Path: :mozilla.7:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.15:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Ivwbox
Path: :mozilla.22:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.28:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.29:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.30:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.31:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Serving-sys
Path: :mozilla.32:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adition
Path: :mozilla.38:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium

Name: TrackingCookie.Adition
Path: :mozilla.39:C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Mozilla\Firefox\Profiles\q9ydobku.default\cookies.txt
Risk: Medium
Seitenanfang Seitenende
15.11.2006, 01:26
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#4 ich habe nichts gefunden - und der Virenscanner nur Cookies, die kein Problem darstellen.
wieso meinst du, Schadware auf dem Rechner zu haben ? Reklamiert dein Virenscanner etwas, oder ???
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1