Log analysis and evaluation: Trojan Backdoor Activity 15 (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1 Trojan Backdoor Activity 15

Hi everyone, I'm new here and urgently need your help. Norton 360 keeps showing a pop-up window with the message "Norton blockierte einen Angriff von: System Infected: Trojan Backdoor Aktivity 15". I have been googling for quite a while today and came across your site. I have already created a log file with OSAM, which I have pasted in full.

Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:13:00 on 13.06.2014 OS: Windows 7 Ultimate Edition Service Pack 1 (Build 7601), 32-bit Default Browser: Microsoft Corporation Internet Explorer 11.00.9600.16428 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [AppInit DLLs] -----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )----- "AppInit_DLLs" - "Adobe Systems, Inc." - C:\Windows\system32\acaptuser32.dll [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - "O&O Software GmbH" - C:\Windows\system32\OODBS.exe [Common] -----( %SystemRoot%\Tasks )----- "HP Photo Creations Communicator.job" - ? - C:\ProgramData\HP Photo Creations\Communicator.exe (File found, but it contains no detailed information) "GoogleUpdateTaskMachineUA.job" - "Google Inc."
- C:\Program Files\Google\Update\GoogleUpdate.exe "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe "MxTray.job" - "MAGIX AG" - C:\Program Files\MAGIX\PC_Live\MxTray.exe -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options )----- "fileencrypt.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "filesplitter.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "hamachi-2-ui.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "hcwsigmon.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "hpwucli.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "integrator.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "ir.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "kies.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "kiesagent.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "kmseldi.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "lightscribecontrolpanel.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "lslauncher.exe" - "TuneUp Software" - 
C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "mxtray.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "oodcnt.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "pcct.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "pc_check_tuning_2012_de-de_setup.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "pc_live_de-de_setup.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "photoproduct.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "quickattendance.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "restarttvserver.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "samsung link menu start.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "samsung pc share manager.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "setup.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "skype.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "tuningstart.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 
2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "unins000.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "vid.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "wintv7.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) "wintvtvpi.exe" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe (File is exclusively opened, access blocked) [Control Panel Objects] -----( %SystemRoot%\system32 )----- "AxSWindC.cpl" - "Alcohol Soft Development Team" - C:\Windows\system32\AxSWindC.cpl "btcpl.cpl" - "Broadcom Corporation." - C:\Windows\system32\btcpl.cpl "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office15\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%SystemRoot%\system32\drivers\tsusbhub.sys,-1" (tsusbhub) - ? - C:\Windows\System32\drivers\tsusbhub.sys (File not found) "a5o2n7x1" (a5o2n7x1) - "Microsoft Corporation" - C:\Windows\system32\drivers\a5o2n7x1.sys (Hidden registry entry, rootkit activity | File signed by Microsoft) "acedrv11" (acedrv11) - "Protect Software GmbH" - C:\Windows\system32\drivers\acedrv11.sys "adfs" (adfs) - ? - C:\Windows\system32\drivers\adfs.sys (File not found) "apd5p7zh" (apd5p7zh) - "Microsoft Corporation" - C:\Windows\system32\drivers\apd5p7zh.sys (Hidden registry entry, rootkit activity | File signed by Microsoft) "atksgt" (atksgt) - ? 
- C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information) "BHDrvx86" (BHDrvx86) - "Symantec Corporation" - C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx86.sys "Bluetooth Audio" (TosRfSnd) - "TOSHIBA Corporation" - C:\Windows\System32\drivers\tosrfsnd.sys "Bluetooth COM Port" (tosporte) - "TOSHIBA Corporation" - C:\Windows\System32\DRIVERS\tosporte.sys "Bluetooth Personal Area Network" (tosrfnds) - "TOSHIBA Corporation." - C:\Windows\System32\DRIVERS\tosrfnds.sys "Bluetooth Port Client Driver" (BTSLBCSP) - "Broadcom Corporation." - C:\Windows\system32\drivers\btslbcsp.sys "Bluetooth RFBNEP" (tosrfbnp) - "TOSHIBA Corporation" - C:\Windows\System32\Drivers\tosrfbnp.sys "Bluetooth RFBUS" (tosrfbd) - "TOSHIBA CORPORATION" - C:\Windows\System32\DRIVERS\tosrfbd.sys "Bluetooth RFCOMM" (Tosrfcom) - "TOSHIBA Corporation" - C:\Windows\System32\Drivers\tosrfcom.sys "Bluetooth RFHID" (Tosrfhid) - "TOSHIBA Corporation." - C:\Windows\System32\DRIVERS\Tosrfhid.sys "Bluetooth Serial Driver" (BTSERIAL) - "Broadcom Corporation." - C:\Windows\system32\drivers\btserial.sys "Bluetooth USB Controller" (Tosrfusb) - "TOSHIBA CORPORATION" - C:\Windows\System32\DRIVERS\tosrfusb.sys "Bluetooth-Audiogerät" (btaudio) - "Broadcom Corporation." - C:\Windows\System32\drivers\btaudio.sys "Bluetooth-Bus-Enumerator" (BTKRNL) - "Broadcom Corporation." - C:\Windows\System32\DRIVERS\btkrnl.sys "Bluetooth-LAN-Zugangsserver" (BTWDNDIS) - "Broadcom Corporation." - C:\Windows\System32\DRIVERS\btwdndis.sys "epmntdrv" (epmntdrv) - ? - C:\Windows\system32\epmntdrv.sys (File found, but it contains no detailed information) "EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys "EuGdiDrv" (EuGdiDrv) - ? 
- C:\Windows\system32\EuGdiDrv.sys (File found, but it contains no detailed information) "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS (File found, but it contains no detailed information) "GEAR ASPI Filter Driver" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\DRIVERS\GEARAspiWDM.sys "Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys "HitmanPro.Alert Support Driver" (hmpalert) - ? - C:\Windows\System32\drivers\hmpalert.sys "IDSVix86" (IDSVix86) - "Symantec Corporation" - C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20140612.001\IDSvix86.sys "iScsiPort-Treiber" (iScsiPrt) - ? - C:\Windows\system32\drivers\msiscsi.sys (Data mismatch, rootkit activity) "lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information) "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "MBAMWebAccessControl" (MBAMWebAccessControl) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mwac.sys "N360 Settings Manager" (ccSet_N360) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\1503000.00C\ccSetx86.sys "NAVENG" (NAVENG) - "Symantec Corporation" - C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140613.002\NAVENG.SYS "NAVEX15" (NAVEX15) - "Symantec Corporation" - C:\Program Files\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20140613.002\NAVEX15.SYS "PQNTDrv" (PQNTDrv) - "PowerQuest Corporation" - C:\Windows\system32\drivers\PQNTDrv.sys "Revoflt" (Revoflt) - "VS Revo Group" - C:\Windows\System32\DRIVERS\revoflt.sys "sptd" (sptd) - "Duplex Secure Ltd." 
- C:\Windows\System32\Drivers\sptd.sys (File is exclusively opened, access blocked) "Symantec Data Store" (SymDS) - "Symantec Corporation" - C:\Windows\System32\drivers\N360\1503000.00C\SYMDS.SYS "Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys "Symantec Extended File Attributes" (SymEFA) - "Symantec Corporation" - C:\Windows\System32\drivers\N360\1503000.00C\SYMEFA.SYS "Symantec Iron Driver" (SymIRON) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\1503000.00C\Ironx86.SYS "Symantec Network Security WFP Driver" (SymNetS) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360\1503000.00C\SYMNETS.SYS "Symantec Real Time Storage Protection" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\N360\1503000.00C\SRTSP.SYS "Symantec Real Time Storage Protection (PEL)" (SRTSPX) - "Symantec Corporation" - C:\Windows\system32\drivers\N360\1503000.00C\SRTSPX.SYS "SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS "Synth3dVsc" (Synth3dVsc) - ? - C:\Windows\System32\drivers\synth3dvsc.sys (File not found) "TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys (File is exclusively opened, access blocked) "VGPU" (VGPU) - ? - C:\Windows\System32\drivers\rdvgkmd.sys (File not found) "VIA USB Host Controller Lower Filter" (vulfnths) - "VIA Technologies, Inc." - C:\Windows\System32\Drivers\vulfnth.sys "VIA USB Roothub Lower Filter" (vulfntrs) - "VIA Technologies, Inc." - C:\Windows\System32\Drivers\vulfntr.sys "Virtueller Bluetooth-Kommunikationstreiber" (BTDriver) - "Broadcom Corporation." - C:\Windows\System32\DRIVERS\btport.sys "WIDCOMM USB Bluetooth Driver" (BTWUSB) - "Broadcom Corporation." 
- C:\Windows\System32\Drivers\btwusb.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {45C6AFA5-2C13-402f-BC5D-45CC8172EF6B} "Bluetooth" - ? - (File not found | COM-object registry key not found) {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." 
- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807583E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll {D924BDC6-C83A-4BD5-90D0-095128A113D1} "Protocol Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Microsoft Corporation" - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} "WidImg Class" - "Broadcom Corporation." 
- C:\Windows\system32\btxppanel.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - F:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll {3D60EDA7-9AB4-4DA8-864C-D9B5F2E7281D} "Arbeitsbereiche" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {5F327514-6C5E-4d60-8F16-D07FA08A78ED} "Auto Update Property Sheet Extension" - ? - (File not found | COM-object registry key not found) {6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung" - "Broadcom Corporation." 
- C:\Windows\system32\btneighborhood.dll {DE902992-61FC-4A01-8091-53E1895C9775} "CDR Icon Handler" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll {7AD101F2-0B93-4D66-A1CA-DF73F3C4377B} "CDR preview provider" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll {7FA63AC0-F5BC-4F3B-A9CF-94328D812B62} "CDR Property Handler" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll {1462EBAA-96E7-4D93-9A66-0E4068DE4FCF} "CDR Thumbnail provider" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\VISSHE.DLL {DE902994-61FC-4A01-8091-53E1895C9775} "CMX Icon Handler" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll {1462EBAC-96E7-4D93-9A66-0E4068DE4FCF} "CMX Thumbnail provider" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll {DE902993-61FC-4A01-8091-53E1895C9775} "CPT Icon Handler" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll {7FA63AC1-F5BC-4F3B-A9CF-94328D812B62} "CPT Property Handler" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll {1462EBAB-96E7-4D93-9A66-0E4068DE4FCF} "CPT Thumbnail provider" - "Corel Corporation" - C:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll {ACEF9F57-4DEF-4CC9-A2C0-7A158D967E63} "Device Center Property Page" - "Microsoft Corporation" - C:\Program Files\Microsoft Mouse and Keyboard Center\cplredirector.dll {872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." 
- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} "Fast Explorer Shell Extension" - "Alex Yakovlev" - C:\ProgramData\AllDup\FEShlExt.dll {72923739-5A47-40A3-9895-25AF0DFBB9E4} "Glary Utilities Context Menu Shell Extension" - "Glarysoft Ltd" - C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL 
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\VISSHE.DLL {DC70C4A5-2044-4c59-B806-DEFB9AE0DF7C} "KbLogiExt Class" - "Logitech, Inc." - C:\Program Files\Logitech\SetPointP\kbcplext.dll {528EE335-5034-4EFC-834E-63E5F02D2BC2} "Mediencenter Overlay Handler" - ? - (File not found | COM-object registry key not found) {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} "Mediencenter Overlay Handler" - ? - (File not found | COM-object registry key not found) {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} "Mediencenter Overlay Handler" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office14\MLSHEXT.DLL {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} "Microsoft SkyDrive Pro Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL {8BA85C75-763B-4103-94EB-9470F12FE0F7} "Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL {CD55129A-B1A1-438E-A425-CEBC7DC684EE} "Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL 
{E768CD3B-BDDC-436D-9C13-E1B39CA257B1} "Microsoft SkyDrive Pro Icon Overlay 3 (InSync)" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEd Live Icons" - ? - (File not found | COM-object registry key not found) {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll {1CA6BBC9-E9FA-4021-822B-075DF1837B63} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll {4FBFFA8D-F390-471a-AE46-FEB93623AD63} "NeroDigitalInfoHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll {846083A4-BFC6-4447-985C-6578B466A7D7} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll {EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} "NeroDigitalThumbnailHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll {F764812A-132C-4013-9960-5CBBEB408A0E} "NeroShellExt Class" - "Nero AG" - C:\Program Files\Common Files\Nero\NeroShellExt\NeroShellExt.dll {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} "OODShellExtObj Class" - "O&O Software GmbH" - F:\Program Files\OO Software\Defrag\oodsh.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} "RUShellExt Class" - "VS Revo Group" - E:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {7020EDF4-B454-4814-9AA4-1D604D3F1417} "TraXExCM" - ? 
- (File not found | COM-object registry key not found) {4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\DseShExt-x86.dll (File is exclusively opened, access blocked) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\SDShelEx-win32.dll (File is exclusively opened, access blocked) {44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll {DBD8E168-244D-448C-9922-25508950D1DC} "USIShellExt Class" - "Ulead Systems, Inc." - C:\Program Files\Common Files\Ulead Systems\DVD\USIShex.dll {B28AA736-876B-46DA-B3A8-84C5E30BA492} "Web Sites" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\WXPNSE.DLL {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found) {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows 
Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - E:\Programme\wzshlstb.dll {E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - E:\Programme\wzshlstb.dll {E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - E:\Programme\wzshlstb.dll {E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, S.L." - E:\Programme\wzshlstb.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe Logitech Setpoint Extension "{B9B9F083-2B04-452A-8691-83694AC1037B}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Adobe PDF" - "Adobe Systems Incorporated" - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll <binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? 
- (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "{D4027C7F-154A-4066-A1AD-4243D8127440}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} "IObit Toolbar" - "Spigot, Inc." - C:\Program Files\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (File is exclusively opened, access blocked)
{00000000-6E41-4FD3-8538-502F5495E5FC} "{00000000-6E41-4FD3-8538-502F5495E5FC}" - ? - (File not found | COM-object registry key not found)
{40c3cc16-7269-4b32-9531-17f2950fb06f} "{40c3cc16-7269-4b32-9531-17f2950fb06f}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} "Java Plug-in 1.7.0_09" - ? - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.45.2" - ? - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash32_13_0_0_214.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{182EC0BE-5110-49C8-A062-BEB1D02A220B} "Adobe PDF" - "Adobe Systems Incorporated" - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{ba696155-d96e-4281-b467-0367a0456474} "BandClsid" - ? - (File not found | COM-object registry key not found)
{CAFEEFAC-001017-0002-0017-ABCDEFFEDCBC} "ClsidExtension" - ? - (File not found | COM-object registry key not found)
{E601996F-E400-41CA-804B-CD6373A7EEE2} "ClsidExtension" - "kikin" - C:\Program Files\kikin\ie_kikin.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} "Lync Click to Call" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
{FFFDC614-B694-4AE6-AB38-5D6374584B52} "OneNote Lin&ked Notes" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
{48E73304-E1D6-4330-914C-F5F514E3486C} "Send to OneNote" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Microsoft Corporation" - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
!{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} "!{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}" - ? - (File not found | COM-object registry key not found)
!{2318C2B1-4965-11d4-9B18-009027A5CD4F} "!{2318C2B1-4965-11d4-9B18-009027A5CD4F}" - ? - (File not found | COM-object registry key not found)
!{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "!{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" - ? - (File not found | COM-object registry key not found)
10 "10" - ? - (File not found | COM-object registry key not found)
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll
<binary data> "Glarysoft Toolbar" - ? - C:\Program Files\Glarysoft Toolbar\tbcore3.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "Norton Toolbar" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\21.3.0.12\coIEPlg.dll
{40c3cc16-7269-4b32-9531-17f2950fb06f} "Winload Toolbar" - ? - (File not found | COM-object registry key not found)
<binary data> "{D4027C7F-154A-4066-A1AD-4243D8127440}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - F:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} "IObit Toolbar" - "Spigot, Inc." - C:\Program Files\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (File is exclusively opened, access blocked)
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll
{E601996F-E400-41CA-804B-CD6373A7EEE2} "kikin Plugin" - "kikin" - C:\Program Files\kikin\ie_kikin.dll
{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} "Lync Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} "Microsoft SkyDrive Pro Browser Helper" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "Norton Identity Protection" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\21.3.0.12\coIEPlg.dll
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} "Norton Vulnerability Protection" - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL
{B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Microsoft Corporation" - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
{A7AF277D-1466-4A7B-93AF-B043984A5671} "TBSB05810 Class" - ? - C:\Program Files\Glarysoft Toolbar\tbcore3.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Wolfgang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows )-----
"load" - "Veeiaa" - C:\ProgramData\Microsoft.com
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Raptr" - "Raptr, Inc" - C:\PROGRA~1\Raptr\raptrstub.exe --startup
"Steam" - "Valve Corporation" - "C:\Program Files\Steam\Steam.exe" -silent
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce )-----
"WindowsUpdate" - "Veeiaa" - "C:\ProgramData\Windows Manager\winmgr.exe" (File is exclusively opened, access blocked)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"EvtMgr6" - "Logitech, Inc." - C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
"OODefragTray" - "O&O Software GmbH" - F:\Program Files\OO Software\Defrag\oodtray.exe
"RUSB3MON" - "Renesas Electronics Corporation" - "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port" - "Adobe Systems Incorporated." - C:\Windows\system32\AdobePDF.dll
"Bluetooth-Druckeranschluss" - "Broadcom Corporation." - C:\Windows\system32\bthcrp.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
"Browser 7 Maintenance Service" (Browser7Maintenance) - "Deutsche Telekom AG" - C:\Program Files\Browser 7 Maintenance Service\maintenanceservice.exe
"Cron Service for Prey" (CronService) - "Fork Ltd." - F:\Prey\platform\windows\cronsvc.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"FsUsbExService" (FsUsbExService) - "Teruten" - C:\Windows\system32\FsUsbExService.Exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HitmanPro.Alert Service" (hmpalertsvc) - "SurfRight B.V." - C:\Program Files\HitmanPro.Alert\hmpalert.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"KMService" (KMService) - ? - C:\Windows\system32\srvany.exe (File found, but it contains no detailed information)
"Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
"MBAMScheduler" (MBAMScheduler) - "Malwarebytes Corporation" - C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (File is exclusively opened, access blocked)
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (File is exclusively opened, access blocked)
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NLS Service" (nlsX86cc) - "Nalpeiron Ltd." - C:\Windows\system32\NLSSRV32.EXE
"Norton 360" (N360) - "Symantec Corporation" - C:\Program Files\Norton 360\Engine\21.3.0.12\N360.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
"ProtexisLicensing" (ProtexisLicensing) - ? - C:\Windows\system32\PSIService.exe
"StarWind AE Service" (StarWindServiceAE) - "StarWind Software" - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"System Store" (SystemStoreService) - ? - C:\Program Files\SoftwareUpdater\SystemStore.exe
"TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe (File is exclusively opened, access blocked)
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"LBTWlgn" - "Logitech, Inc." - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Can someone tell me what I need to delete? |