here you go....
info.txt
info.txt logfile of random's system information tool 1.05 2009-02-27 19:10:30
======Uninstall list======
-->"C:\Programme\Real Spy Monitor\unins000.exe"
-->C:\Programme\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINXP\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINXP\UNNeroShowTime.exe /UNINSTALL
-->C:\WINXP\UNNeroVision.exe /UNINSTALL
-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
-->msiexec /i {46548E80-0409-0000-7E8A-45000F855001}
-->msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
-->msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINXP\INF\PCHealth.inf
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Creative Suite 2-->C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe /relaunched/rootloc=e:\adobe creative suite 2.0/lang=0409
Adobe Flash Player 10 Plugin-->C:\WINXP\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Reader 9 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A90000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe SVG Viewer 3.0-->C:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programme\Gemeinsame Dateien\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASUS Enhanced Display Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9
ASUS Probe V2.24.03-->C:\WINXP\uninst.exe -f"c:\programme\asus\Asus Probe\DeIsL1.isu" -c"c:\programme\asus\Asus Probe\probunis.dll"
ASUS WLAN Card Utilities/Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8F722FA9-B994-4C9B-B292-FD32D6206EDF}\Setup.exe" -l0x7
AsusUpdate-->C:\WINXP\IsUninst.exe -fC:\Programme\ASUS\AsusUpdate\Uninst.isu
ASUSUpdate-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x7
AxCrypt (Nur Entfernen)-->"C:\Programme\AxCrypt\AxCryptU.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
BUFFALO NAS Navigator-->C:\WINXP\UN060501.EXE /U
CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe"
C-Media High Definition Audio Driver-->C:\WINXP\system32\cmirmdrv.exe
DVD Ripper Platinum 4-->C:\Programme\DVD Ripper Platinum 4\Uninstall.exe
File Securer v3.93-->"C:\Programme\File Securer\unins000.exe"
GetDataBack for NTFS-->C:\WINXP\uninst.exe -f"C:\Programme\GetDataBack for NTFS\DeIsL1.isu" -c"C:\Programme\GetDataBack for NTFS\_ISREG32.DLL"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Document Viewer 5.3-->C:\Programme\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Image Zone 5.3-->C:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 5.3-->C:\Programme\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP PSC & OfficeJet 5.3.B-->"C:\Programme\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Solution Center & Imaging Support Tools 5.3-->C:\Programme\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
iPod Video Converter 3-->C:\Programme\iPod Video Converter 3\Uninstall.exe
Ipswitch WS_FTP Pro-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}\setup.exe" -l0x9
IsoBuster 1.7-->C:\Programme\IsoBuster\Uninst\unins000.exe
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Jasc Paint Shop Pro 9.01 - (9.0.1.1)-->C:\Programme\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\PAINTS~1\INSTALL.LOG
Jasc Paint Shop Pro 9-->MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java 2 Runtime Environment, SE v1.4.2_02-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142020}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LiveUpdate 3.1 (Symantec Corporation)-->"C:\Programme\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x7 UNINSTALL
Logitech Print Service-->C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG
Logitech QuickCam-->MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B98D52F1EB}
Logitech® Camera-Treiber-->"C:\Programme\Gemeinsame Dateien\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINXP\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINXP\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINXP\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office XP Professional mit FrontPage-->MsiExec.exe /I{90280407-6000-11D3-8CFE-0050048383C9}
Mozilla Firefox (3.0.6)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Demo-->MsiExec.exe /I{79F71DBA-38D0-D6C4-DF6C-335C37091031}
NetObjects Fusion 9.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7416D548-3DC2-4DBC-8FF6-03A031027E1B}\setup.exe" -l0x7 anything -uninst
NVIDIA Drivers-->C:\WINXP\system32\nvudisp.exe UninstallGUI
Picasa 3-->"C:\Programme\Google\Picasa3\Uninstall.exe"
PowerDesk 6-->MsiExec.exe /I{B93251B5-9209-4DAB-867C-AA98D91584CD}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINXP\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINXP\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINXP\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINXP\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923789)-->C:\WINXP\system32\MacroMed\Flash\genuinst.exe C:\WINXP\system32\MacroMed\Flash\KB923789.inf
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINXP\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINXP\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINXP\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINXP\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINXP\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINXP\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINXP\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINXP\$NtUninstallKB960715$\spuninst\spuninst.exe"
Spybot - Search & Destroy-->"C:\Programme\Spybot - Search & Destroy\unins000.exe"
Suite Specific-->MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
Super Flexible File Synchronizer v4.45a-->"C:\Programme\SuperFlexible\unins000.exe"
Symantec AntiVirus-->MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83}
Synchromagic-->C:\WINXP\unvise32.exe C:\Programme\Synchromagic\uninstal.log
Tag&Rename 3.2-->"C:\Programme\TagRename\unins000.exe"
TweakNow RegCleaner-->"C:\Programme\RegCleaner\unins000.exe"
Update für Windows XP (KB955839)-->"C:\WINXP\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINXP\$NtUninstallKB967715$\spuninst\spuninst.exe"
USB Storage Adapter FX (MXO)-->MXOun.exe MXOFX
Virtual Cable Tester-->MsiExec.exe /X{3D654496-9C3D-4565-858C-3E551ECDA4E2}
WinRAR archiver-->C:\Programme\WinRAR\uninstall.exe
======Hosts File======
127.0.0.1
www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com127.0.0.1 008k.com
127.0.0.1
www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com127.0.0.1 032439.com
======Security center information======
AV: Symantec AntiVirus Corporate Edition
System event log
Computer Name: ARBEITSZIMMER
Event Code: 51
Message: Bei einem Auslagerungsvorgang wurde ein Fehler festgestellt. Betroffen ist Gerät \Device\Harddisk7\D.
Record Number: 2019
Source Name: Disk
Time Written: 20090108190909.000000+540
Event Type: Warnung
User:
Computer Name: ARBEITSZIMMER
Event Code: 51
Message: Bei einem Auslagerungsvorgang wurde ein Fehler festgestellt. Betroffen ist Gerät \Device\Harddisk7\D.
Record Number: 2018
Source Name: Disk
Time Written: 20090108190909.000000+540
Event Type: Warnung
User:
Computer Name: ARBEITSZIMMER
Event Code: 51
Message: Bei einem Auslagerungsvorgang wurde ein Fehler festgestellt. Betroffen ist Gerät \Device\Harddisk7\D.
Record Number: 2017
Source Name: Disk
Time Written: 20090108190909.000000+540
Event Type: Warnung
User:
Computer Name: ARBEITSZIMMER
Event Code: 51
Message: Bei einem Auslagerungsvorgang wurde ein Fehler festgestellt. Betroffen ist Gerät \Device\Harddisk7\D.
Record Number: 2016
Source Name: Disk
Time Written: 20090108190909.000000+540
Event Type: Warnung
User:
Computer Name: ARBEITSZIMMER
Event Code: 51
Message: Bei einem Auslagerungsvorgang wurde ein Fehler festgestellt. Betroffen ist Gerät \Device\Harddisk7\D.
Record Number: 2015
Source Name: Disk
Time Written: 20090108190909.000000+540
Event Type: Warnung
User:
Application event log
Computer Name: ARBEITSZIMMER
Event Code: 1
Message:
Record Number: 1116
Source Name: Bonjour Service
Time Written: 20081217141331.000000+540
Event Type: Informationen
User:
Computer Name: ARBEITSZIMMER
Event Code: 35
Message: Der Dienst 'Symantec Event Manager' wurde gestartet.
Record Number: 1115
Source Name: ccEvtMgr
Time Written: 20081217141323.000000+540
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: ARBEITSZIMMER
Event Code: 34
Message: Der Dienst 'Symantec Event Manager' wird gestartet.
Record Number: 1114
Source Name: ccEvtMgr
Time Written: 20081217141322.000000+540
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: ARBEITSZIMMER
Event Code: 35
Message: Der Dienst 'Symantec Einstellungs-Manager' wurde gestartet.
Record Number: 1113
Source Name: ccSetMgr
Time Written: 20081217141322.000000+540
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: ARBEITSZIMMER
Event Code: 34
Message: Der Dienst 'Symantec Einstellungs-Manager' wird gestartet.
Record Number: 1112
Source Name: ccSetMgr
Time Written: 20081217141321.000000+540
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\QuickTime\QTSystem\;C:\Programme\Gemeinsame Dateien\Adobe\AGL
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Programme\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------
log.txt
Logfile of random's system information tool 1.05 (written by random/random)
Run by Dude at 2009-02-27 19:10:12
Microsoft Windows XP Professional Service Pack 3
System drive C: has 226 GB (95%) free of 238 GB
Total RAM: 1023 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:10:26, on 27.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINXP\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINXP\ATKKBService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Symantec AntiVirus\DefWatch.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\BUFFALO\NASNAVI\nassvc.exe
C:\WINXP\Explorer.EXE
C:\WINXP\system32\nvsvc32.exe
C:\WINXP\system32\svchost.exe
C:\Programme\Symantec AntiVirus\Rtvscan.exe
C:\WINXP\system32\RunDll32.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\ASUS\WLAN Card Utilities\Center.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\programme\asus\Asus Probe\AsusProb.exe
C:\WINXP\system32\RUNDLL32.EXE
C:\Programme\iTunes\iTunesHelper.exe
C:\WINXP\system32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\SuperFlexible\ExtremeSyncService.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Programme\Real Spy Monitor\winrsm.exe
C:\WINXP\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\VCOM\PowerDesk\pddlghlp.exe
C:\Programme\Microsoft Office\Office10\msoffice.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programme\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programme\VCOM\PowerDesk\PDExplo.exe
C:\WINXP\system32\wuauclt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Dude\Desktop\RSIT.exe
C:\Programme\Trend Micro\HijackThis\Dude.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Programme\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Control Center] C:\Programme\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ASUS Probe] c:\programme\asus\Asus Probe\AsusProb.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINXP\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINXP\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINXP\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINXP\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINXP\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINXP\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LVCOMSX] C:\WINXP\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ExtremeSync Background Scheduler] C:\Programme\SuperFlexible\ExtremeSyncService.exe /TIMERASAPP /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Programme\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programme\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Real Spy Monitor] "C:\Programme\Real Spy Monitor\winrsm.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Programme\XtremeEmule\emule0.49b-Xtreme7.0\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: BUFFALO NAS Navigator.lnk = C:\Programme\BUFFALO\NASNAVI\NasNavi.exe
O4 - Startup: Dialog Helper.lnk = C:\Programme\VCOM\PowerDesk\pddlghlp.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\WINXP\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF -
res://C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Programme\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINXP\ATKKBService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programme\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NAS PM Service (NasPmService) - Unknown owner - C:\Programme\BUFFALO\NASNAVI\nassvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINXP\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINXP\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programme\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programme\Symantec AntiVirus\Rtvscan.exe
--
End of file - 12975 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Programme\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{601ED020-FB6C-11D3-87D8-0050DA59922B}]
WsftpBrowserHelper Class - C:\Programme\Ipswitch\WS_FTP Pro\wsbho2k0.dll [2004-06-17 118830]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programme\Java\jre6\bin\ssv.dll [2008-12-08 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2008-12-08 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-08 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Programme\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=RunDll32 cmicnfg.cpl []
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2008-12-08 136600]
"Control Center"=C:\Programme\ASUS\WLAN Card Utilities\Center.exe [2004-11-11 1571840]
"ccApp"=C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe [2006-07-19 52896]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-11-27 126048]
"ASUS Probe"=c:\programme\asus\Asus Probe\AsusProb.exe [2002-12-06 617984]
"NvCplDaemon"=C:\WINXP\system32\NvCpl.dll [2004-12-15 5513216]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINXP\system32\NvMcTray.dll [2004-12-15 86016]
"QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2008-11-20 290088]
"IMJPMIG8.1"=C:\WINXP\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINXP\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINXP\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINXP\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"LVCOMSX"=C:\WINXP\system32\LVCOMSX.EXE [2004-05-21 221184]
"LogitechVideoRepair"=C:\Programme\Logitech\Video\ISStart.exe [2004-06-01 458752]
"LogitechVideoTray"=C:\Programme\Logitech\Video\LogiTray.exe [2004-06-01 217088]
"NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"MaxtorOneTouch"=C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe [2003-05-21 45056]
"HP Software Update"=C:\Programme\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"ExtremeSync Background Scheduler"=C:\Programme\SuperFlexible\ExtremeSyncService.exe [2008-10-29 6433808]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Adobe Version Cue CS2"=C:\Programme\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [2005-04-04 856064]
"Acrobat Assistant 7.0"=C:\Programme\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
""= []
"Real Spy Monitor"=C:\Programme\Real Spy Monitor\winrsm.exe [2007-05-03 686592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINXP\system32\ctfmon.exe [2008-04-14 15360]
"LogitechSoftwareUpdate"=C:\Programme\Logitech\Video\ManifestEngine.exe [2004-06-01 196608]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe [2006-03-01 90112]
"eMuleAutoStart"=C:\Programme\XtremeEmule\emule0.49b-Xtreme7.0\emule.exe [2008-09-26 6066176]
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Adobe Acrobat Speed Launcher.lnk - C:\WINXP\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe
Adobe Gamma.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE
C:\Dokumente und Einstellungen\Dude\Startmenü\Programme\Autostart
BUFFALO NAS Navigator.lnk - C:\Programme\BUFFALO\NASNAVI\NasNavi.exe
Dialog Helper.lnk - C:\Programme\VCOM\PowerDesk\pddlghlp.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINXP\system32\NavLogon.dll [2006-11-27 43616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINXP\system32\WgaLogon.dll [2008-09-23 3584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINXP\system32\wpdshserviceobj.dll [2008-07-09 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Silicon Image\SI3114\SiITray.exe"="C:\Program Files\Silicon Image\SI3114\SiITray.exe:*:Disabled:SiITray"
"C:\WINXP\system32\javaw.exe"="C:\WINXP\system32\javaw.exe:*:Enabled:javaw"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\WINXP\system32\sessmgr.exe"="C:\WINXP\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe"="C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe"="C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-02-27 19:10:12 ----D---- C:\rsit
2009-02-26 23:38:26 ----D---- C:\Dokumente und Einstellungen\Dude\Anwendungsdaten\Malwarebytes
2009-02-26 23:38:17 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2009-02-26 23:38:17 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2009-02-26 23:19:39 ----HDC---- C:\WINXP\$NtUninstallKB967715$
2009-02-25 17:15:31 ----D---- C:\WINXP\LastGood
2009-02-24 20:03:23 ----A---- C:\WINXP\system32\msln.exe
2009-02-15 14:32:25 ----D---- C:\Dokumente und Einstellungen\Dude\Anwendungsdaten\VCOM
2009-02-15 14:32:15 ----D---- C:\Programme\VCOM
2009-02-15 14:31:17 ----D---- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2009-02-12 20:08:41 ----HDC---- C:\WINXP\$NtUninstallKB960715$
2009-02-10 21:44:47 ----A---- C:\WINXP\monitor.ini
2009-02-10 21:44:42 ----RSHD---- C:\Programme\real spy monitor
2009-02-05 23:10:29 ----A---- C:\WINXP\RegisterRSM.ini
2009-02-05 23:07:02 ----D---- C:\Programme\MSN Messenger
======List of files/folders modified in the last 1 months======
2009-02-27 19:09:02 ----D---- C:\Programme\Mozilla Firefox
2009-02-26 23:38:26 ----D---- C:\WINXP\Prefetch
2009-02-26 23:38:21 ----D---- C:\WINXP\system32\drivers
2009-02-26 23:38:17 ----RD---- C:\Programme
2009-02-26 23:20:31 ----HD---- C:\WINXP\inf
2009-02-26 23:20:25 ----D---- C:\WINXP
2009-02-26 23:19:57 ----RSHDC---- C:\WINXP\system32\dllcache
2009-02-26 23:19:48 ----D---- C:\WINXP\system32
2009-02-25 17:15:32 ----HD---- C:\WINXP\$hf_mig$
2009-02-25 17:15:30 ----D---- C:\WINXP\system32\CatRoot2
2009-02-25 07:42:48 ----D---- C:\Temp
2009-02-25 07:41:35 ----D---- C:\Programme\iPod Video Converter 3
2009-02-24 20:01:50 ----D---- C:\WINXP\Temp
2009-02-24 19:58:41 ----D---- C:\Programme\Symantec AntiVirus
2009-02-24 19:41:08 ----A---- C:\WINXP\SchedLgU.Txt
2009-02-23 03:41:56 ----SHD---- C:\System Volume Information
2009-02-23 03:39:48 ----D---- C:\WINXP\Registration
2009-02-22 22:30:16 ----A---- C:\WINXP\NeroDigital.ini
2009-02-21 13:36:19 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2009-02-21 13:36:06 ----D---- C:\WINXP\Minidump
2009-02-21 13:36:06 ----D---- C:\WINXP\Debug
2009-02-21 13:34:40 ----D---- C:\Programme\CCleaner
2009-02-21 09:27:24 ----SHD---- C:\WINXP\CSC
2009-02-21 09:26:55 ----HD---- C:\Config.Msi
2009-02-21 09:26:55 ----D---- C:\Programme\Spybot - Search & Destroy
2009-02-15 14:32:26 ----SHD---- C:\WINXP\Installer
2009-02-15 14:31:17 ----D---- C:\Programme\Gemeinsame Dateien
2009-02-15 14:26:27 ----D---- C:\Programme\Gemeinsame Dateien\Adobe
2009-02-15 14:26:19 ----D---- C:\WINXP\WinSxS
2009-02-15 14:24:38 ----D---- C:\Dokumente und Einstellungen\Dude\Anwendungsdaten\Adobe
2009-02-15 14:21:44 ----D---- C:\Programme\Adobe
2009-02-15 14:21:44 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2009-02-12 21:46:53 ----D---- C:\Dokumente und Einstellungen\Dude\Anwendungsdaten\dvdcss
2009-02-12 20:08:19 ----D---- C:\Programme\Internet Explorer
2009-02-11 16:08:37 ----D---- C:\WINXP\Cursors
2009-02-04 08:21:12 ----A---- C:\WINXP\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aslm75;aslm75; \??\C:\WINXP\system32\drivers\aslm75.sys []
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINXP\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel-Prozessortreiber; C:\WINXP\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 SAVRT;SAVRT; \??\C:\Programme\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Programme\Symantec AntiVirus\Savrtpel.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SYMTDI;SYMTDI; C:\WINXP\System32\Drivers\SYMTDI.SYS [2006-08-07 195776]
R2 Aspi32;Aspi32; C:\WINXP\System32\drivers\aspi32.sys [1999-09-10 25244]
R2 EIO;EIO; \??\C:\WINXP\system32\drivers\EIO.sys []
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINXP\system32\ASNDIS5.SYS []
R3 cmudax;C-Media High Definition Audio Interface; C:\WINXP\system32\drivers\cmudax.sys [2004-10-21 1275584]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINXP\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINXP\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINXP\system32\drivers\lvusbsta.sys [2004-05-28 19968]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINXP\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 MXOFX;USB Storage Adapter FX (MXO); C:\WINXP\system32\DRIVERS\MXOFX.SYS [2003-04-14 32512]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20090220.004\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20090220.004\navex15.sys []
R3 nv;nv; C:\WINXP\system32\DRIVERS\nv4_mini.sys [2004-12-15 3329504]
R3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINXP\system32\DRIVERS\LV532AV.SYS [2004-05-22 163328]
R3 SymEvent;SymEvent; \??\C:\Programme\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINXP\System32\Drivers\SYMREDRV.SYS [2006-08-07 24768]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINXP\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINXP\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;USB-Massenspeichertreiber; C:\WINXP\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINXP\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINXP\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S2 adfs;adfs; C:\WINXP\system32\drivers\adfs.sys []
S3 Arp1394;1394-ARP-Clientprotokoll; C:\WINXP\system32\DRIVERS\arp1394.sys [2008-10-18 60800]
S3 CCDECODE;Untertiteldecoder; C:\WINXP\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 gmer;gmer; C:\WINXP\System32\DRIVERS\gmer.sys [2008-12-07 85969]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINXP\system32\DRIVERS\HPZid412.sys [2005-12-17 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINXP\system32\DRIVERS\HPZipr12.sys [2005-12-17 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINXP\system32\DRIVERS\HPZius12.sys [2005-12-17 21744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINXP\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINXP\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINXP\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394-Netzwerktreiber; C:\WINXP\system32\DRIVERS\nic1394.sys [2008-10-18 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINXP\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINXP\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINXP\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINXP\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINXP\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINXP\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 W8100XP;Marvell Libertas 802.11b/g SoftAP Driver for Windows XP ; C:\WINXP\system32\DRIVERS\mrv8ka51.sys [2004-05-20 258560]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINXP\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINXP\system32\DRIVERS\WudfPf.sys [2008-07-09 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINXP\system32\DRIVERS\wudfrd.sys [2008-07-09 82944]
S4 sr;Filtertreiber für Systemwiederherstellung; C:\WINXP\system32\DRIVERS\sr.sys [2008-04-14 73472]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINXP\ATKKBService.exe [2004-07-20 90112]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ccEvtMgr;Symantec Event Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe [2006-07-19 192160]
R2 ccSetMgr;Symantec Settings Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe [2006-07-19 169632]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Programme\Symantec AntiVirus\DefWatch.exe [2006-11-27 31840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2008-12-08 152984]
R2 NasPmService;NAS PM Service; C:\Programme\BUFFALO\NASNAVI\nassvc.exe [2007-10-26 233472]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINXP\system32\nvsvc32.exe [2004-12-15 139331]
R2 SPBBCSvc;Symantec SPBBCSvc; C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Programme\Symantec AntiVirus\Rtvscan.exe [2006-11-27 1836640]
R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINXP\system32\HPZipm12.exe [2007-08-09 73728]
S3 Adobe LM Service;Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-01-07 72704]
S3 Adobe Version Cue CS2;Adobe Version Cue CS2; C:\Programme\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [2005-04-04 163840]
S3 aspnet_state;ASP.NET State Service; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-05 168432]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-08 2528960]
S3 SavRoam;SAVRoam; C:\Programme\Symantec AntiVirus\SavRoam.exe [2006-11-27 120416]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe [2006-08-07 214720]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINXP\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
mbam
Malwarebytes' Anti-Malware 1.34
Datenbank Version: 1806
Windows 5.1.2600 Service Pack 3
27.02.2009 19:07:42
mbam-log-2009-02-27 (19-07-42).txt
Scan-Methode: Vollständiger Scan (C:\|D:\|G:\|H:\|I:\|J:\|K:\|L:\|Y:\|Z:\|)
Durchsuchte Objekte: 601028
Laufzeit: 14 hour(s), 37 minute(s), 26 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)