Trojaner-Board - Total Verseucht

Hier
mal meinHiJACKThis Log-File
Logfile of HijackThis v1.99.1
Scan saved at 19:26:47, on 11.01.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\GMX\GMX SMS-Manager\SMSMngr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\System32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\M6PMKEKF\HijackThis[1].exe
C:\WINDOWS\system32\dwwin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von Lycos Europe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:80
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {73364D99-1240-4dff-B11A-67E448373048} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: LEC - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Programme\Power Translator 10\Applications\LEC IE Translation Extension.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programme\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [GMX SMS-Manager] C:\Programme\GMX\GMX SMS-Manager\SMSMngr.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.lycos.de/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/DE/install.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://manusuchi13.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://stream.web.de/mail/activex/mail_upload_11213.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.johannrain-softwareentwicklung.de/DE/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1131057433236
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143124716838
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1069_XP.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C2481ED1-9896-4D49-AE90-69858DFDE446} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1073_XP.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.lycos.de/app/uploader/FileUploader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LEC TranslateDotNet Server - Language Engineering Corporation, LLC - C:\Programme\Power Translator 10\LogoMedia TranslateDotNet Server.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: PsShutdown (PsShutdownSvc) - Unknown owner - C:\WINDOWS\System32\PSSDNSVC.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe

über eine antwort wäre ich sehr erfreut
gruß tomtom

Hiermal ein scan 1.Teil

Lavasoft Ad-aware Personal Build 6.181
Logdatei erzeugt am :Donnerstag, 11. Januar 2007 17:59:03
Created with Ad-aware Personal, free for private use.
Benutze Referenzdatei :01R347 26.10.2004
______________________________________________________

Ad-aware Settings
=========================
Aktiviert : Intensive Dateiprüfung aktivieren
Aktiviert : Sicherheitsmodus (immer nachfragen)
Aktiviert : Prüfe laufende Prozesse
Aktiviert : Prüfe Registrierung
Aktiviert : Erweiterte Registrierungsprüfung
Aktiviert : IE Favoriten überprüfen
Aktiviert : Suche in ZIP-Archiven
Aktiviert : Scan my Hosts file

Extended Ad-aware Settings
=========================
Aktiviert : Prozesse die bei Prüfung erkannt wurden, automatisch beenden
Aktiviert : Füge Details über Ad-Aware Einstellungen zu Logdatei
Aktiviert : Füge erweiterte Details über Ad-Aware Einstellungen zu Logdatei
Aktiviert : Windows erlauben, Dateien beim nächsten Systemstart zu entfernen
Aktiviert : Archivierte Sicherungen beim Wiederherstellen löschen
Aktiviert : Sicherheitskopie von zu aktualisierenden Dateien erstellen
Aktiviert : Akkustisches Signal, falls Objekte identifiziert werden

11.01.2007 17:59:03 - Scan started. (Custom mode)

Liste der geladenen Prozesse
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 11.01.2007 16:26:01
BasePriority : Normal

#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:26:13
BasePriority : High

#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:26:14
BasePriority : Normal
FileSize : 106 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Anwendung f
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Betriebssystem Microsoft
Created on : 18.08.2001 19:00:00
Last accessed : 11.01.2007 16:25:57
Last modified : 03.08.2004 23:58:12

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:26:14
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 29.08.2002 01:43:40
Last accessed : 11.01.2007 16:25:57
Last modified : 03.08.2004 23:58:00

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:26:14
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 18.08.2001 19:00:00
Last accessed : 11.01.2007 16:25:57
Last modified : 03.08.2004 23:58:16

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 11.01.2007 16:26:15
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 18.08.2001 19:00:00
Last accessed : 11.01.2007 16:25:57
Last modified : 03.08.2004 23:58:16

#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 11.01.2007 16:26:17
BasePriority : Normal
FileSize : 1011 KB
FileVersion : 6.00.2900.2649 (xpsp.050406-1732)
ProductVersion : 6.00.2900.2649
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Betriebssystem Microsoft
Created on : 29.05.2003 09:48:20
Last accessed : 11.01.2007 16:26:38
Last modified : 07.04.2005 18:46:59

#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:26:18
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 18.08.2001 19:00:00
Last accessed : 11.01.2007 16:25:57
Last modified : 10.06.2005 23:53:32

#:9 [ituneshelper.exe]
FilePath : C:\Programme\iTunes\
ThreadCreationTime : 11.01.2007 16:26:22
BasePriority : Normal
FileSize : 272 KB
FileVersion : 6.0.4.2
ProductVersion : 6.0.4.2
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
OriginalFilename : iTunesHelper.exe
ProductName : iTunes
Created on : 23.02.2006 14:45:20
Last accessed : 11.01.2007 16:25:57
Last modified : 23.02.2006 14:45:20

#:10 [qttask.exe]
FilePath : C:\Programme\QuickTime\
ThreadCreationTime : 11.01.2007 16:26:22
BasePriority : Normal
FileSize : 276 KB
FileVersion : 7.1
ProductVersion : QuickTime 7.1
Copyright : Copyright Apple Computer, Inc. 1989-2006
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
OriginalFilename : QTTask.exe
ProductName : QuickTime
Created on : 26.05.2006 16:16:49
Last accessed : 11.01.2007 16:25:57
Last modified : 26.05.2006 16:16:49

#:11 [realsched.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\
ThreadCreationTime : 11.01.2007 16:26:22
BasePriority : Normal
FileSize : 176 KB
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealPlayer (32-bit)
Created on : 28.11.2005 23:14:51
Last accessed : 11.01.2007 16:25:57
Last modified : 28.11.2005 23:14:51

#:12 [pdvdserv.exe]
FilePath : C:\Programme\CyberLink\PowerDVD\
ThreadCreationTime : 11.01.2007 16:26:22
BasePriority : Normal
FileSize : 32 KB
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
Copyright : Copyright (c) CyberLink Corp. 1997-2002
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
OriginalFilename : PDVDSERV.EXE
ProductName : PowerDVD
Created on : 20.08.2006 18:44:42
Last accessed : 11.01.2007 16:25:57
Last modified : 14.07.2004 23:07:56

#:13 [clonecdtray.exe]
FilePath : C:\Programme\SlySoft\CloneCD\
ThreadCreationTime : 11.01.2007 16:26:22
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5, 2, 3, 1
ProductVersion : 5, 2, 3, 1
Copyright : Copyright
CompanyName : SlySoft, Inc.
FileDescription : CloneCD Tray
InternalName : CloneCDTray
OriginalFilename : CloneCDTray.exe
ProductName : CloneCD
Created on : 19.05.2005 13:47:36
Last accessed : 11.01.2007 16:26:50
Last modified : 19.05.2005 13:47:36

#:14 [e_fati9be.exe]
FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\
ThreadCreationTime : 11.01.2007 16:26:23
BasePriority : Normal
FileSize : 96 KB
FileVersion : 3.00
ProductVersion : 3.00
Copyright : Copyright (C) SEIKO EPSON CORP. 2004
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S5I0B1
OriginalFilename : E_S5I0B1.EXE
ProductName : EPSON Status Monitor 3
Created on : 01.04.2005 17:53:41
Last accessed : 11.01.2007 16:25:57
Last modified : 04.03.2004 03:00:00

#:15 [avgnt.exe]
FilePath : C:\Programme\AntiVir PersonalEdition Classic\
ThreadCreationTime : 11.01.2007 16:26:23
BasePriority : Normal
FileSize : 256 KB
FileVersion : 7.00.01.06
ProductVersion : 7.00.01.06
Copyright : Copyright
CompanyName : Avira GmbH
FileDescription : Antivirus System Tray Tool
OriginalFilename : avgnt.exe
ProductName : AntiVir Workstation
Created on : 13.12.2006 17:31:33
Last accessed : 11.01.2007 16:25:57
Last modified : 13.12.2006 22:31:42

#:16 [icqlite.exe]
FilePath : C:\Programme\ICQLite\
ThreadCreationTime : 11.01.2007 16:26:23
BasePriority : Normal
FileSize : 3068 KB
FileVersion : 20, 52, 2587, 0
ProductVersion : 20, 52, 2587, 0
Copyright : Copyright (C) 2002
CompanyName : ICQ Ltd.
FileDescription : ICQLite
InternalName : ICQ Lite
OriginalFilename : ICQLite.exe
ProductName : ICQLite
Created on : 27.03.2006 22:09:34
Last accessed : 11.01.2007 16:26:25
Last modified : 27.07.2006 18:12:50

#:17 [msnmsgr.exe]
FilePath : C:\Programme\MSN Messenger\
ThreadCreationTime : 11.01.2007 16:26:24
BasePriority : Normal
FileSize : 5229 KB
FileVersion : 8.0.0812.00
ProductVersion : 8.0.0812
Copyright : Copyright (c) Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 29.07.2006 18:33:48
Last accessed : 11.01.2007 16:26:39
Last modified : 29.07.2006 18:33:48

#:18 [smsmngr.exe]
FilePath : C:\Programme\GMX\GMX SMS-Manager\
ThreadCreationTime : 11.01.2007 16:26:24
BasePriority : Normal
FileSize : 3367 KB
FileVersion : 1.13.6.1
ProductVersion : 1.0.0.0
Copyright : Copyright (C) 2003-2005 Schlund+Partner AG - Copyright (C) 2001-2002 W+R Software GmbH
CompanyName : Schlund+Partner AG
ProductName : SMS-Manager
Created on : 29.03.2006 12:54:42
Last accessed : 11.01.2007 16:06:00
Last modified : 29.03.2006 12:54:42

#:19 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:26:24
BasePriority : Normal
FileSize : 15 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 29.08.2002 01:43:36
Last accessed : 11.01.2007 16:25:57
Last modified : 03.08.2004 23:57:50

#:20 [sched.exe]
FilePath : C:\Programme\AntiVir PersonalEdition Classic\
ThreadCreationTime : 11.01.2007 16:26:26
BasePriority : Normal
FileSize : 46 KB
FileVersion : 7.00.00.34
ProductVersion : 7.00.00.34
Copyright : Copyright
CompanyName : Avira GmbH
FileDescription : Antivirus Scheduler
InternalName : avschd
OriginalFilename : sched.exe
ProductName : AntiVir Scheduler
Created on : 13.12.2006 17:31:34
Last accessed : 11.01.2007 16:25:57
Last modified : 13.12.2006 22:31:45

#:21 [avguard.exe]
FilePath : C:\Programme\AntiVir PersonalEdition Classic\
ThreadCreationTime : 11.01.2007 16:26:27
BasePriority : Normal
FileSize : 196 KB
FileVersion : 7.00.00.44
ProductVersion : 7.00.00.44
Copyright : Copyright
CompanyName : AVIRA GmbH
FileDescription : Antivirus On-Access Service
InternalName : AVGuard
OriginalFilename : avguard.exe
ProductName : AntiVir Workstation
Created on : 13.12.2006 17:31:33
Last accessed : 11.01.2007 16:25:57
Last modified : 13.12.2006 22:31:42

#:22 [gearsec.exe]
FilePath : C:\WINDOWS\SYSTEM32\
ThreadCreationTime : 11.01.2007 16:26:27
BasePriority : Normal
FileSize : 52 KB
FileVersion : 1, 0, 0, 6
ProductVersion : 1, 0, 0, 6
Copyright : Copyright
CompanyName : GEAR Software
FileDescription : gearsec
InternalName : gearsec
OriginalFilename : gearsec.exe
ProductName : gearsec
Created on : 21.01.2005 20:02:22
Last accessed : 11.01.2007 16:25:57
Last modified : 21.01.2005 20:01:33

#:23 [oodag.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 11.01.2007 16:26:28
BasePriority : Normal
FileSize : 180 KB
FileVersion : 6.5.851
ProductVersion : 6.5.851
Copyright : Copyright 1999-2004 O&O Software GmbH
CompanyName : O&O Software GmbH
FileDescription : O&O Defrag Agent
InternalName : oodag.exe
OriginalFilename : oodag.exe
ProductName : O&O Defrag
Created on : 17.05.2004 13:57:00
Last accessed : 11.01.2007 16:25:57
Last modified : 17.05.2004 13:57:00

#:24 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 11.01.2007 16:26:34
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 18.08.2001 19:00:00
Last accessed : 11.01.2007 16:25:57
Last modified : 03.08.2004 23:58:16

#:25 [ipodservice.exe]
FilePath : C:\Programme\iPod\bin\
ThreadCreationTime : 11.01.2007 16:26:49
BasePriority : Normal
FileSize : 316 KB
FileVersion : 6.0.4.2
ProductVersion : 6.0.4.2
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
OriginalFilename : iPodService.exe
ProductName : iTunes
Created on : 23.02.2006 14:45:06
Last accessed : 11.01.2007 16:26:49
Last modified : 23.02.2006 14:45:06

#:26 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:28:02
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 18.08.2001 19:00:00
Last accessed : 11.01.2007 16:25:57
Last modified : 03.08.2004 23:58:16

#:27 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 11.01.2007 16:28:05
BasePriority : Normal
FileSize : 121 KB
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
OriginalFilename : wuauclt.exe
ProductName : Betriebssystem Microsoft
Created on : 29.09.2003 22:34:48
Last accessed : 11.01.2007 16:27:36
Last modified : 26.05.2005 03:16:22

#:28 [iexplore.exe]
FilePath : C:\Programme\Internet Explorer\
ThreadCreationTime : 11.01.2007 16:35:31
BasePriority : Normal
FileSize : 607 KB
FileVersion : 7.00.5730.11 (winmain(wmbla).061017-1135)
ProductVersion : 7.00.5730.11
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Windows
Created on : 29.09.2003 22:36:41
Last accessed : 11.01.2007 16:06:58
Last modified : 17.10.2006 11:04:40

#:29 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-aware 6\
ThreadCreationTime : 11.01.2007 16:58:39
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 29.09.2003 23:27:11
Last accessed : 11.01.2007 16:58:39
Last modified : 12.07.2003 20:00:20