 | |
OSAM LogFile Auswertung
hallo,
ich versuche meinen PC schneller booten zu lassen und bin dabei hier auf osam gestoßen, denn ich bae die vermutung das etwas bei den autoruns nicht stimmt. Nach dem einloggen dauert es knapp 5min bis er bedienbar ist der PC.
osam.log Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 08:22:37 on 01.06.2012
OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Google Inc. Google Chrome 0.0.0.0
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Pando" - "Pando Networks" - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.cpl
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AsIO" (AsIO) - ? - C:\Windows\SysWow64\drivers\AsIO.sys (File found, but it contains no detailed information)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"cpudrv64" (cpudrv64) - ? - C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys (File found, but it contains no detailed information)
"EagleX64" (EagleX64) - ? - C:\Windows\system32\drivers\EagleX64.sys (File not found)
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"ISO DVD/CD-ROM Device Driver" (ISODrive) - "EZB Systems, Inc." - G:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
"PROCEXP151" (PROCEXP151) - ? - C:\Windows\system32\Drivers\PROCEXP151.SYS (File not found)
"X6va006" (X6va006) - ? - C:\Users\helfull\AppData\Local\Temp\006C5BD.tmp (File not found)
[Explorer]
-----( HKCU\Software\Classes\Folder\shellex\ColumnHandlers )-----
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found)
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{30351349-7B7D-4FCC-81B4-1E394CA267EB} "{30351349-7B7D-4FCC-81B4-1E394CA267EB}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{3C16B20A-BA16-4156-916F-0A375ECFFE24} "GitExtensions Shell Extension" - ? - C:\Program Files (x86)\GitExtensions\GitExtensionsShellEx32.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - (File not found | COM-object registry key not found)
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - (File not found | COM-object registry key not found)
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - (File not found | COM-object registry key not found)
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{B41DB860-64E4-11D2-9906-E49FADC173CA} "WinRAR shell extension" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )-----
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? - (File not found | COM-object registry key not found)
[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "{F999A48B-1950-4D81-9971-79018F807B4B}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{f999a48b-1950-4d81-9971-79018f807b4b} "{f999a48b-1950-4d81-9971-79018f807b4b}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} "Java Plug-in 1.6.0_27" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 10.4.1" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.4.1" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\SysWOW64\Macromed\Flash\Flash11g.ocx / hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
10 "10" - ? - (File not found | COM-object registry key not found)
{99079a25-328f-4bd4-be04-00955acaa0a7} "Searchqu Toolbar" - ? - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
{5911488E-9D1E-40ec-8CBB-06B231CC153F} "StartNow Toolbar" - ? - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} "Hotspot Shield Class" - ? - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
{9D717F81-9148-4f12-8568-69135F087DB0} "SearchCore for Browsers" - "Bandoo Media, inc" - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL
{99079a25-328f-4bd4-be04-00955acaa0a7} "Searchqu Toolbar" - ? - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
{6E13D095-45C3-4271-9475-F3B48227DD9F} "StartNow Toolbar Helper" - ? - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"CurseClientStartup.ccip" - ? - C:\Users\helfull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
"desktop.ini" - ? - C:\Users\helfull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\helfull\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists)
"Nettalk.lnk" - "Nicolas Kruse" - G:\Program Files (x86)\Nettalk6\Nettalk.exe (Shortcut exists | File exists)
"OpenOffice.org 3.3.lnk" - ? - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"GamersFirst LIVE!.lnk" - "GamersFirst" - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe (Shortcut exists | File exists)
"LOLRecorder.lnk" - "LOL Replay" - G:\Program Files (x86)\LOLReplay\LOLRecorder.exe (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Akamai NetSession Interface" - "Akamai Technologies, Inc" - "C:\Users\helfull\AppData\Local\Akamai\netsession_win.exe"
"DAEMON Tools Lite" - "DT Soft Ltd" - "G:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"Kvhkhu" - ? - C:\Users\helfull\AppData\Roaming\Kvhkhu.exe (File not found)
"Microsoft DLL Registration" - ? - C:\Users\helfull\AppData\Roaming\regsrv64.exe (File not found)
"PService" - ? - C:\Users\helfull\AppData\Roaming\70C9.exe (File not found)
"Skype" - "Skype Technologies S.A." - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"Steam" - "Valve Corporation" - "C:\Program Files (x86)\Steam\steam.exe" -silent
"uTorrent" - "BitTorrent, Inc." - "G:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeCS5.5ServiceManager" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"DATAMNGR" - "Bandoo Media, inc" - C:\PROGRA~2\SEARCH~1\SEARCH~1\DATAMN~1.EXE
"HDAudDeck" - "VIA" - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"LogMeIn Hamachi Ui" - "LogMeIn Inc." - "G:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"PService" - ? - C:\Users\helfull\AppData\Roaming\70C9.exe (File not found)
"StartNowToolbarHelper" - ? - "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe" (File not found)
"SwitchBoard" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found)
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Akamai NetSession Interface" (Akamai) - ? - c:\program files (x86)\common files\akamai\netsession_win_80c2ffa.dll (File found, but it contains no detailed information)
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Futuremark SystemInfo Service" (Futuremark SystemInfo Service) - "Futuremark Corporation" - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
"Hotspot Shield Monitoring Service" (HssWd) - ? - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (File found, but it contains no detailed information)
"Hotspot Shield Routing Service" (HssSrv) - ? - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
"Hotspot Shield Service" (hshld) - ? - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe (File found, but it contains no detailed information)
"Hotspot Shield Tray Service" (HssTrayService) - ? - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE (File found, but it contains no detailed information)
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LogMeIn Hamachi Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - G:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe (File not found)
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"SQL Server (SQLEXPRESS)" (MSSQL$SQLEXPRESS) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
"SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
"SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"Updater Service for StartNow Toolbar" (Updater Service for StartNow Toolbar) - ? - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe (File found, but it contains no detailed information)
"Webbereitstellungs-Agent-Dienst" (MsDepSvc) - "Microsoft Corporation" - C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
===[ Logfile end ]=========================================[ Logfile end ]===
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
|
hat sich erledigt, habe den PC neu aufgesetzt. |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 09:22 Uhr. | |
Copyright ©2000-2024, Trojaner-Board
Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.