huch das hab ich ja glatt vergessen ....
Code:
Alles auswählen Aufklappen ATTFilter
OSAM Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Report of OSAM : Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:33:53 on 29.03.2012
OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.28
Scanner Settings
Rootkits detection (hidden registry)
Rootkits detection (hidden files)
Retrieve files information
Check Microsoft signatures
Filters
Trusted entries
Empty entries
Hidden registry entries (rootkit activity)
Exclusively opened files
Not found files
Files without detailed information
Existing files
Non-startable services
Non-startable drivers
Active entries
Disabled entries
Risk Name Publisher Full Path Status
Common
%SystemRoot%\Tasks
|||| "GoogleUpdateTaskMachineCore.job" "Google Inc." C:\Program Files\Google\Update\GoogleUpdate.exe File exists
|||| "GoogleUpdateTaskMachineUA.job" "Google Inc." C:\Program Files\Google\Update\GoogleUpdate.exe File exists
|| "ParetoLogic Registration3.job" C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll File exists
Control Panel Objects
%SystemRoot%\system32
|||||| "BCMWLCPL.CPL" "Dell Inc." C:\Windows\system32\BCMWLCPL.CPL File exists
|||||| "FlashPlayerCPLApp.cpl" "Adobe Systems Incorporated" C:\Windows\system32\FlashPlayerCPLApp.cpl File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
|||||| "bcmwlcpl.cpl" "Dell Inc." C:\Windows\System32\bcmwlcpl.cpl File exists
|||||| "mlcfg32.cpl" "Microsoft Corporation" C:\PROGRA~1\MICROS~3\Office12\MLCFG32.CPL File exists
|||||| "QuickTime" "Apple Inc." C:\Program Files\QuickTime\QTSystem\QuickTime.cpl File exists
Drivers
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "avgntflt" (avgntflt) "Avira GmbH" C:\Windows\System32\DRIVERS\avgntflt.sys File exists
|||||| "avipbb" (avipbb) "Avira GmbH" C:\Windows\System32\DRIVERS\avipbb.sys File exists
|||||| "avkmgr" (avkmgr) "Avira GmbH" C:\Windows\System32\DRIVERS\avkmgr.sys File exists
|||||| "BCM42RLY" (BCM42RLY) "Broadcom Corporation" C:\Windows\System32\drivers\BCM42RLY.sys File exists
"catchme" (catchme) C:\ComboFix\catchme.sys File not found
"fxldapod" (fxldapod) C:\Users\sandra\AppData\Local\Temp\fxldapod.sys Hidden registry entry, rootkit activity | File not found
"IP in IP Tunnel Driver" (IpInIp) C:\Windows\System32\DRIVERS\ipinip.sys File not found
"IPX Traffic Filter Driver" (NwlnkFlt) C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
"IPX Traffic Forwarder Driver" (NwlnkFwd) C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
|||||| "MBAMProtector" (MBAMProtector) "Malwarebytes Corporation" C:\Windows\system32\drivers\mbam.sys File exists
|||||| "PxHelp20" (PxHelp20) "Sonic Solutions" C:\Windows\System32\Drivers\PxHelp20.sys File exists
|||||| "ssmdrv" (ssmdrv) "Avira GmbH" C:\Windows\System32\DRIVERS\ssmdrv.sys File exists
"Symantec Network Security Intermediate Filter Service" (SymIM) C:\Windows\System32\DRIVERS\SymIM.sys File not found
"SymIMMP" (SymIMMP) C:\Windows\System32\DRIVERS\SymIM.sys File not found
Explorer
HKLM\Software\Classes\Folder\shellex\ColumnHandlers
|||||| {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" "Adobe Systems, Inc." C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll File exists
HKLM\Software\Classes\Protocols\Filter
|||||| {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" "Microsoft Corporation" C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL File exists
HKLM\Software\Classes\Protocols\Handler
|||||| {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" "Microsoft Corporation" C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File exists
|||||| {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll File exists
|||||| {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" "Microsoft Corporation" C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll File exists
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
|||||| {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" File not found | COM-object registry key not found
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" File not found | COM-object registry key not found
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" File not found | COM-object registry key not found
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" File not found | COM-object registry key not found
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" File not found | COM-object registry key not found
|||||| {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||||| {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" File not found | COM-object registry key not found
|||||| {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" "Apple Inc." C:\Program Files\iTunes\iTunesMiniPlayer.dll File exists
|||||| {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\msohevi.dll File exists
|||||| {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" "Microsoft Corporation" C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll File exists
|||||| {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" "Microsoft Corporation" C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL File exists
|||||| {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" "Microsoft Corporation" C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL File exists
|||||| {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" "Microsoft Corporation" C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll File exists
|||||| {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" "Microsoft Corporation" C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL File exists
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" File not found | COM-object registry key not found
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" File not found | COM-object registry key not found
|||||| {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" "Avira Operations GmbH & Co. KG" C:\Program Files\Avira\AntiVir Desktop\shlext.dll File exists
|||||| {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll File exists
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" File not found | COM-object registry key not found
|||||| {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" C:\Program Files\WinRAR\rarext.dll File exists
Internet Explorer
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
"ITBar7Layout" File not found | COM-object registry key not found
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
|||| {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2iexp.dll File exists
|||| {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2iexp.dll File exists
|||| {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2iexp.dll File exists
|||| {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\npjpi160_20.dll File exists
|||| {C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class"
hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab "Microsoft Corporation" C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
|||| {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" "Microsoft Corporation" C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll File exists
|||| "ICQ6" "ICQ, Inc." C:\Program Files\ICQ6\ICQ.exe File exists
|| {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" "Microsoft Corporation" C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL File exists
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
|| "MDL Chime 2.6 SP7" "MDL Information Systems, Inc (Elsevier MDL)" C:\Program Files\Internet Explorer\Plugins\npchime.dll File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
"Avira SearchFree Toolbar plus Web Protection" "Ask" C:\Program Files\Ask.com\GenericAskToolbar.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
|||||| {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" "Adobe Systems Incorporated" C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File exists
{D4027C7F-154A-4066-A1AD-4243D8127440} "Avira SearchFree Toolbar plus Web Protection" "Ask" C:\Program Files\Ask.com\GenericAskToolbar.dll File exists
|||||| {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File exists
|||| {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2ssv.dll File exists
|||||| {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" "Microsoft Corporation" C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File exists
Logon
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
|||||| "Dell Dock.lnk" "Stardock Corporation" C:\Program Files\Dell\DellDock\DellDock.exe Shortcut exists | File exists
|||||| "desktop.ini" C:\Users\sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini File exists
%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup
|||||| "desktop.ini" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini File exists
|||||| "McAfee Security Scan Plus.lnk" "McAfee, Inc." C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe Shortcut exists | File exists
|||| "QuickSet.lnk" "Dell Inc." C:\Program Files\Dell\QuickSet\quickset.exe Shortcut exists | File exists
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd
"StartupPrograms" rdpclip File not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
|||| "Adobe Reader Speed Launcher" "Adobe Systems Incorporated" "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File exists
"ApnUpdater" "Ask" "C:\Program Files\Ask.com\Updater\Updater.exe" File exists
|||| "AppleSyncNotifier" "Apple Inc." C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe File exists
|||| "APSDaemon" "Apple Inc." "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" File exists
|||||| "avgnt" "Avira Operations GmbH & Co. KG" "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min File exists
|||| "Broadcom Wireless Manager UI" "Dell Inc." C:\Windows\system32\WLTRAY.exe File exists
|||| "dellsupportcenter" "SupportSoft, Inc." "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter File exists
"GrooveMonitor" "Microsoft Corporation" "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" File exists
|||| "IAAnotif" "Intel Corporation" "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" File exists
|||| "iTunesHelper" "Apple Inc." "C:\Program Files\iTunes\iTunesHelper.exe" File exists
|||||| "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray File exists
|||| "PCMService" "CyberLink Corp." "C:\Program Files\Dell\MediaDirect\PCMService.exe" File exists
|||| "QuickTime Task" "Apple Inc." "C:\Program Files\QuickTime\QTTask.exe" -atboottime File exists
|||| "StartCCC" "Advanced Micro Devices, Inc." "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" File exists
|||| "SunJavaUpdateSched" "Sun Microsystems, Inc." "C:\Program Files\Common Files\Java\Java Update\jusched.exe" File exists
Network Providers
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
|||||| "Dell Wireless WLAN Card Logon Provider" "Dell Inc." C:\Windows\System32\BCMLogon.dll File exists
Print Monitors
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
|||||| "Send To Microsoft OneNote Monitor" "Microsoft Corporation" C:\Windows\system32\msonpmon.dll File exists
Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "Apple Mobile Device" (Apple Mobile Device) "Apple Inc." C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe File exists
"Avira Browser Schutz" (AntiVirWebService) "Avira Operations GmbH & Co. KG" C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE File exists
|||||| "Avira Echtzeit Scanner" (AntiVirService) "Avira Operations GmbH & Co. KG" C:\Program Files\Avira\AntiVir Desktop\avguard.exe File exists
|||||| "Avira Planer" (AntiVirSchedulerService) "Avira Operations GmbH & Co. KG" C:\Program Files\Avira\AntiVir Desktop\sched.exe File exists
|||||| "Dell Wireless WLAN Tray Service" (wltrysvc) C:\Windows\System32\WLTRYSVC.EXE File found, but it contains no detailed information
|||||| "Dienst "Bonjour"" (Bonjour Service) "Apple Inc." C:\Program Files\Bonjour\mDNSResponder.exe File exists
|||||| "Dock Login Service" (DockLoginService) "Stardock Corporation" C:\Program Files\Dell\DellDock\DockLogin.exe File exists
|||| "Google Update Service (gupdate)" (gupdate) "Google Inc." C:\Program Files\Google\Update\GoogleUpdate.exe File exists
|||| "Google Update-Dienst (gupdatem)" (gupdatem) "Google Inc." C:\Program Files\Google\Update\GoogleUpdate.exe File exists
|||||| "GoToAssist" (GoToAssist) "Citrix Online, a division of Citrix Systems, Inc." C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe File exists
|||||| "Intel(R) Matrix Storage Event Monitor" (IAANTMON) "Intel Corporation" C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe File exists
|||||| "iPod-Dienst" (iPod Service) "Apple Inc." C:\Program Files\iPod\bin\iPodService.exe File exists
|||||| "MBAMService" (MBAMService) "Malwarebytes Corporation" C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe File exists
|||||| "McAfee Security Scan Component Host Service" (McComponentHostService) "McAfee, Inc." C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe File exists
|||||| "Microsoft Office Diagnostics Service" (odserv) "Microsoft Corporation" C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE File exists
|||||| "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) "Microsoft Corporation" C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe File exists
|||||| "Office Source Engine" (ose) "Microsoft Corporation" C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE File exists
|||||| "SeaPort" (SeaPort) "Microsoft Corporation" C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe File exists
|||||| "stllssvr" (stllssvr) "MicroVision Development, Inc." C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File exists
|||||| "SupportSoft Sprocket Service (DellSupportCenter)" (sprtsvc_DellSupportCenter) "SupportSoft, Inc." C:\Program Files\Dell Support Center\bin\sprtsvc.exe File exists
Winlogon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
|||||| "GoToAssist" "Citrix Online, a division of Citrix Systems, Inc." C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll File exists
Winsock Providers
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries
|||||| "mdnsNSP" "Apple Inc." C:\Program Files\Bonjour\mdnsNSP.dll File exists
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries
"AVSDA" "Avira Operations GmbH & Co. KG" C:\Program Files\Avira\AntiVir Desktop\avsda.dll File exists
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
liebe Grüße
hm ok ich denk das hab ich verbockt hab mir daas grad nochmal angesehn und glaub dass ich da was falsch gemacht habe...
habs falsch abgespeichert stimmts...?
hab den ganzen spass jetzt nochmal gemacht und richtig abgespeichert:
OSAM Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Report of OSAM : Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:41:22 on 29.03.2012
OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.28
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"ParetoLogic Registration3.job" - ? - C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"BCMWLCPL.CPL" - "Dell Inc." - C:\Windows\system32\BCMWLCPL.CPL
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"bcmwlcpl.cpl" - "Dell Inc." - C:\Windows\System32\bcmwlcpl.cpl
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLCFG32.CPL
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswMBR" (aswMBR) - ? - C:\Users\sandra\AppData\Local\Temp\aswMBR.sys (Hidden registry entry, rootkit activity | File not found)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"BCM42RLY" (BCM42RLY) - "Broadcom Corporation" - C:\Windows\System32\drivers\BCM42RLY.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found)
"fxldapod" (fxldapod) - ? - C:\Users\sandra\AppData\Local\Temp\fxldapod.sys (Hidden registry entry, rootkit activity | File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"Symantec Network Security Intermediate Filter Service" (SymIM) - ? - C:\Windows\System32\DRIVERS\SymIM.sys (File not found)
"SymIMMP" (SymIMMP) - ? - C:\Windows\System32\DRIVERS\SymIM.sys (File not found)
[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - ? - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll
[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
"ICQ6" - "ICQ, Inc." - C:\Program Files\ICQ6\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Plug-In" - ? - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension )-----
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
"MDL Chime 2.6 SP7" - "MDL Information Systems, Inc (Elsevier MDL)" - C:\Program Files\Internet Explorer\Plugins\npchime.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Avira SearchFree Toolbar plus Web Protection" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{D4027C7F-154A-4066-A1AD-4243D8127440} "Avira SearchFree Toolbar plus Web Protection" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"Dell Dock.lnk" - "Stardock Corporation" - C:\Program Files\Dell\DellDock\DellDock.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Users\sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"McAfee Security Scan Plus.lnk" - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (Shortcut exists | File exists)
"QuickSet.lnk" - "Dell Inc." - C:\Program Files\Dell\QuickSet\quickset.exe (Shortcut exists | File exists)
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ApnUpdater" - "Ask" - "C:\Program Files\Ask.com\Updater\Updater.exe"
"AppleSyncNotifier" - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"Broadcom Wireless Manager UI" - "Dell Inc." - C:\Windows\system32\WLTRAY.exe
"dellsupportcenter" - "SupportSoft, Inc." - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"IAAnotif" - "Intel Corporation" - "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"PCMService" - "CyberLink Corp." - "C:\Program Files\Dell\MediaDirect\PCMService.exe"
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"Dell Wireless WLAN Card Logon Provider" - "Dell Inc." - C:\Windows\System32\BCMLogon.dll
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira Browser Schutz" (AntiVirWebService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Dell Wireless WLAN Tray Service" (wltrysvc) - ? - C:\Windows\System32\WLTRYSVC.EXE (File found, but it contains no detailed information)
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Dock Login Service" (DockLoginService) - "Stardock Corporation" - C:\Program Files\Dell\DellDock\DockLogin.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoToAssist" (GoToAssist) - "Citrix Online, a division of Citrix Systems, Inc." - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Security Scan Component Host Service" (McComponentHostService) - "McAfee, Inc." - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"stllssvr" (stllssvr) - "MicroVision Development, Inc." - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
"SupportSoft Sprocket Service (DellSupportCenter)" (sprtsvc_DellSupportCenter) - "SupportSoft, Inc." - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"GoToAssist" - "Citrix Online, a division of Citrix Systems, Inc." - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"AVSDA" - "Avira Operations GmbH & Co. KG" - C:\Program Files\Avira\AntiVir Desktop\avsda.dll
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru