Trojaner-Board - Startdreck.log

StartDreck (build 2.1.7 public stable) - 2005-03-07 @ 20:51:48 (GMT +01:00)
Platform: Windows ME (Win 4.90.3000 )
Internet Explorer: 5.50.4134.0100
Logged in as at BRANDO

»Registry
»Run Keys
»Current User
»Run
»RunOnce
»Default User
»Run
»RunOnce
»Local Machine
»Run
*FreePDFAssistent=C:\PROGRA~1\FreePDF\FreePDFA.exe
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*NvCplDaemon=RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
*nwiz=nwiz.exe /install
*PCHealth=C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
*ScanRegistry=C:\WINDOWS\scanregw.exe /autorun
*SystemTray=SysTray.Exe
*TaskMonitor=C:\WINDOWS\taskmon.exe
*WinFast_2K=C:\WINDOWS\SYSTEM\WF2K.EXE
*WinFast2KLoadDefault=rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings
*zBrowser Launcher=C:\TREIBER\TASTATUR\LOGITECH\ITOUCH\iTouch.exe
*QuickTime Task="C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
*Logitech Utility=Logi_MwX.Exe
*sp=rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
+OptionalComponents
+IMAIL
*Installed=1
+MAPI
*NoChange=1
*Installed=1
+MAPI
*NoChange=1
*Installed=1
»RunOnce
»RunServices
**StateMgr=C:\WINDOWS\System\Restore\StateMgr.exe
*SchedulingAgent=mstask.exe
*StillImageMonitor=C:\WINDOWS\SYSTEM\STIMON.EXE
»RunServicesOnce
**tmi=rundll32 C:\WINDOWS\ALLGTM.TXT,DllGetClassObject
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\SYSTEM\MSHTA.EXE "%1" %*
+.htm
*htmlfile="C:\PROGRA~1\INTERN~1\iexplore.exe" -nohome
+.html
*htmlfile="C:\PROGRA~1\INTERN~1\iexplore.exe" -nohome
+.js
*JSFile=C:\WINDOWS\WScript.exe "%1" %*
+.jse
*JSEFile=C:\WINDOWS\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=C:\WINDOWS\NOTEPAD.EXE %1
+.vbs
*VBSFile=C:\WINDOWS\WScript.exe "%1" %*
+.vbe
*VBEFile=C:\WINDOWS\WScript.exe "%1" %*
+.wsh
*WSHFile=C:\WINDOWS\WScript.exe "%1" %*
+.wsf
*WSFFile=C:\WINDOWS\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Browser Helper Objects (LM)
*Jccatch.IeCatch2.1/{A5366673-E8CA-11D3-9CD9-0090271D075B}
`InprocServer32=E:\FLASHGET 1.40\JCCATCH.DLL
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=E:\ADOBE ACROBAT READER 5.05\READER\ACTIVEX\ACROIEHELPER.OCX
*{B662A0CE-66F9-491D-94B4-4C82178F6EFD}
`InprocServer32=C:\WINDOWS\SYSTEM\PMJLDA.DLL
»Files
»Autostart Folders
»Current User
*C:\WINDOWS\Startmenü\Programme\Autostart\ISDNWatch.lnk
*C:\WINDOWS\Startmenü\Programme\Autostart\HotSync Manager.lnk
»Default User
*C:\WINDOWS\Startmenü\Programme\Autostart\ISDNWatch.lnk
*C:\WINDOWS\Startmenü\Programme\Autostart\HotSync Manager.lnk
»Local Machine
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\msdos.sys
*C:\config.sys
*C:\autoexec.bat
*C:\WINDOWS\wininit.bak
*C:\WINDOWS\winstart.bat
*C:\WINDOWS\command\cmdinit.bat
*C:\WINDOWS\hosts
»System/Drivers
»Running Processes
+FF8F0FF1=C:\WINDOWS\SYSTEM\KERNEL32.DLL
+FFFFBDCD=C:\WINDOWS\SYSTEM\MSGSRV32.EXE
+FFFFDD8D=C:\WINDOWS\SYSTEM\mmtask.tsk
+FFFFD751=C:\WINDOWS\SYSTEM\MPREXE.EXE
+FFFE1BC9=C:\WINDOWS\SYSTEM\MSTASK.EXE
+FFFE0DA1=C:\WINDOWS\SYSTEM\STIMON.EXE
+FFFEA87D=C:\WINDOWS\RUNDLL32.EXE
+FFFEE9D1=C:\WINDOWS\EXPLORER.EXE
+FFFD4691=C:\PROGRAMME\FREEPDF\FREEPDFA.EXE
+FFFC1F1D=C:\WINDOWS\SYSTEM\SYSTRAY.EXE
+FFFC69AD=C:\WINDOWS\TASKMON.EXE
+FFFC037D=C:\WINDOWS\SYSTEM\WF2K.EXE
+FFFC5F4D=C:\TREIBER\TASTATUR\LOGITECH\ITOUCH\ITOUCH.EXE
+FFFB7545=C:\WINDOWS\SYSTEM\DDHELP.EXE
+FFFB4D0D=C:\WINDOWS\RUNDLL32.EXE
+FFFB8E15=C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
+FFFCE61D=C:\PROGRAMME\TELEDAT 150\IWATCH.EXE
+FFFB514D=C:\PROGRAMME\PALM DESKTOP\HOTSYNC.EXE
+FFFC1C3D=C:\WINDOWS\SYSTEM\WMIEXE.EXE
+FFFC8069=C:\TREIBER\MAUS\MOUSEWARE\SYSTEM\EM_EXEC.EXE
+FFF7BC3D=C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
+FFF34AC1=C:\WINDOWS\SYSTEM\SPOOL32.EXE
+FFF946C5=G:\ENTPACKT\STARTDRECK\STARTDRECK.EXE
+FFF86799=E:\MICROSOFT OFFICE 2000\OFFICE\OUTLOOK.EXE
»NT Services
»Application specific