| andreas1 | 24.10.2010 12:54 |
GMER stürzt mit mit einem Blue Screen ab.
OSAM´s log ist hier:
OSAM Logfile: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:10:06 on 23.10.2010
OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702
Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures
Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries
[Common]
-----( %SystemRoot%\Tasks )-----
"BackRex Internet Explorer Backup.job" - "BackRex Software" - C:\PROGRA~1\BACKRE~1\briec.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"PMTask.job" - ? - C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE (File found, but it contains no detailed information)
[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"btcpl.cpl" - "Broadcom Corporation." - C:\WINDOWS\system32\btcpl.cpl
"ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl
"ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"TpShCPL.cpl" - "Lenovo." - C:\WINDOWS\system32\TpShCPL.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"ProtectorSuiteInfoPanel" - "UPEK Inc." - C:\Programme\ThinkVantage Fingerprint Software\infopnl.cpl
"SMAX4CP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4.cpl
"SYMLIVE" - "Symantec Corporation" - C:\Programme\Symantec\LiveUpdate\S32LUCP1.CPL
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"acedrv11" (acedrv11) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\acedrv11.sys
"Acronis Snapshots Manager (Build 378)" (snapman378) - "Acronis" - C:\WINDOWS\System32\DRIVERS\snman378.sys
"Acronis True Image Backup Archive Explorer" (timounter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\timntr.sys
"Acronis True Image FS Filter" (tifsfilter) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tifsfilt.sys
"Acronis Try&Decide and Restore Points filter (build 124)" (tdrpman124) - "Acronis" - C:\WINDOWS\System32\DRIVERS\tdrpm124.sys
"ANC" (ANC) - "IBM Corp." - C:\WINDOWS\System32\drivers\ANC.SYS
"APS Digitizer Activity Monitor" (TPDIGIMN) - "Lenovo." - C:\WINDOWS\System32\DRIVERS\ApsHM86.sys
"awecho" (awecho) - "Symantec Corporation" - C:\WINDOWS\System32\drivers\awechomd.sys
"awlegacy" (awlegacy) - "Symantec Corporation" - C:\WINDOWS\System32\Drivers\awlegacy.sys
"AW_HOST" (AW_HOST) - "Symantec Corporation" - C:\WINDOWS\System32\drivers\aw_host5.sys
"catchme" (catchme) - ? - C:\cofi\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"epmntdrv" (epmntdrv) - ? - C:\WINDOWS\system32\epmntdrv.sys (File found, but it contains no detailed information)
"EuGdiDrv" (EuGdiDrv) - ? - C:\WINDOWS\system32\EuGdiDrv.sys (File found, but it contains no detailed information)
"Gernuwa" (Gernuwa) - "Symantec Corporation" - C:\WINDOWS\system32\drivers\Gernuwa.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"IBMTPCHK" (IBMTPCHK) - ? - C:\WINDOWS\System32\Drivers\IBMBLDID.sys (File found, but it contains no detailed information)
"InCD Reader" (InCDRm) - ? - C:\WINDOWS\System32\drivers\InCDRm.sys (File not found)
"InCDPass" (InCDPass) - ? - C:\WINDOWS\System32\drivers\InCDPass.sys (File not found)
"Kaspersky Lab Driver" (KLIF) - "Kaspersky Lab" - C:\WINDOWS\System32\DRIVERS\klif.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"OEM USB to Serial Converter Driver(Philips)" (U2SP) - ? - C:\WINDOWS\System32\DRIVERS\u2s2kxp.sys (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"rspSanity" (rspSanity) - "Resplendence Software Projects Sp." - C:\WINDOWS\System32\DRIVERS\rspSanity32.sys
"Shockprf" (Shockprf) - "Lenovo." - C:\WINDOWS\System32\DRIVERS\Apsx86.sys
"SMI Helper Driver (smihlp)" (smihlp) - "UPEK Inc." - C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
"SymEvent" (SymEvent) - "Symantec Corporation" - C:\Programme\Symantec\SYMEVENT.SYS
"TPPWRIF" (TPPWRIF) - ? - C:\WINDOWS\System32\drivers\Tppwrif.sys (File found, but it contains no detailed information)
"TVicPort" (TVicPort) - "EnTech Taiwan" - C:\WINDOWS\system32\drivers\TVicPort.sys
"USB RNDIS Adapter" (usb_rndisx) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usb8023x.sys
"USB2.0 Motor Tracking Camera" (SQTECH930B) - ? - C:\WINDOWS\System32\Drivers\Capt930b.sys (File not found)
"VMware Bridge Protocol" (VMnetBridge) - "VMware, Inc." - C:\WINDOWS\System32\DRIVERS\vmnetbridge.sys
"VMware hcmon" (hcmon) - "VMware, Inc." - C:\WINDOWS\system32\drivers\hcmon.sys
"VMware Network Application Interface" (VMnetuserif) - "VMware, Inc." - C:\WINDOWS\system32\drivers\vmnetuserif.sys
"VMware vmci" (vmci) - "VMware, Inc." - C:\WINDOWS\system32\Drivers\vmci.sys
"VMware vmx86" (vmx86) - "VMware, Inc." - C:\WINDOWS\system32\Drivers\vmx86.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"WinDriver6" (WinDriver6) - "Jungo" - C:\WINDOWS\System32\drivers\windrvr6.sys
[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Programme\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
{C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll
{C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - C:\Programme\Acronis\TrueImageHome\tishell.dll
{6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung" - "Broadcom Corporation." - C:\WINDOWS\System32\BTNEIG~1.DLL
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - (File not found | COM-object registry key not found)
{B28C18DB-6816-4F31-9630-397683E3C2C3} "Filzip Shell Extension" - ? - C:\Programme\Filzip\fzshext.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{49BF5420-FA7F-11cf-8011-00A0C90A8F78} "Mobiles Gerät" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Wcesview.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\WINDOWS\System32\btncopy.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OLKFSTUB.DLL
{D0FAC080-AE1A-11ce-8016-CE90976DC901} "Picture Publisher File Viewer" - ? - C:\WINDOWS\system32\ppiv30.dll (File found, but it contains no detailed information)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found)
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} "Attachment Upload Control" - "WEB.DE GmbH" - C:\WINDOWS\DOWNLO~1\MAIL_U~1.OCX / https://stream.web.de/mail/activex/mail_upload_11213.cab
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} "BDSCANONLINE Control" - "BitDefender" - C:\WINDOWS\DOWNLO~1\oscan82.ocx / hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab
{721700FE-7F0E-49C5-BDED-CA92B7CB1245} "Camera Stream Client Control Object" - ? - C:\WINDOWS\Downloaded Program Files\DcsCliCtrl.dll / hxxp://admin:@10.0.1.101/dcsclictrl.cab
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} "CKAVWebScan Object" - "Kaspersky Lab" - C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll / hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
{4871A87A-BFDD-4106-8153-FFDE2BAC2967} "DLM Control" - "Akamai Technologies, Inc." - C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX / hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
{E008A543-CEFB-4559-912F-C27C2B89F13B} "Domino Web Access 7 Control" - "IBM Corporation" - C:\WINDOWS\Downloaded Program Files\dwa7W.dll / hxxp://www.webmail.drk.de/dwa7W.cab
{C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} "EPUImageControl Class" - "eBay, Inc." - C:\WINDOWS\Downloaded Program Files\EPUWALcontrol.dll / hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} "F-Secure Online Scanner 3.3" - "F-Secure Corporation" - C:\WINDOWS\Downloaded Program Files\fscax.dll / hxxp://support.f-secure.com/ols/fscax.cab
{22492231-AEF0-49FC-9180-CE8969AB1273} "F-Secure Online Scanner Launcher" - "F-Secure Corporation" - C:\WINDOWS\DOWNLO~1\FSLAUN~1.DLL / hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_14" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_14.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} "Java Plug-in 1.6.0_14" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_14.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_14" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_14.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
{02BCC737-B171-4746-94C9-0D8A0B2C0089} "Microsoft Office Template and Media Control" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL / hxxp://office.microsoft.com/templates/ieawsdc.cab
{4A026B12-94F3-4D2F-A468-96AA55DE20A5} "NetCamPlayerWeb11g Control" - "Sercomm" - C:\WINDOWS\DOWNLO~1\NETCAM~1.OCX / hxxp://10.0.1.102/img/NetCamPlayerWeb11g.ocx
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10k.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{215B8138-A3CF-44C5-803F-8226143CFC0A} "Trend Micro ActiveX Scan Agent 6.6" - "Trend Micro Inc." - C:\WINDOWS\Downloaded Program Files\Housecall_ActiveX.dll / hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
{5ED80217-570B-4DA9-BF44-BE107C0EC166} "Windows Live Safety Center Base Module" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\wlscBase.dll / hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{182EC0BE-5110-49C8-A062-BEB1D02A220B} "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{4248FE82-7FCB-46AC-B270-339F08212110} "&Virtuelle Tastatur" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
"@btrez.dll,-4015" - ? - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\INetRepl.dll
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "Create Mobile Favorite" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\INetRepl.dll
"Exec" - ? - C:\WINDOWS\bdoscandel.exe (File found, but it contains no detailed information)
{CCF151D8-D089-449F-A5A4-D9909053F20F} "Li&nks untersuchen" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
{86529161-034E-4F8A-88D2-3C625E612E04} "Run WinHTTrack" - ? - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{E33CF602-D945-461A-83F0-819F76A199F8} "FilterBHO Class" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} "IEVkbdBHO Class" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} "SingleInstance Class" - "Yahoo! Inc" - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Notification packages" - "UPEK Inc." - C:\WINDOWS\system32\psqlpwd.dll
[Logon]
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\andreas.WIR\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"H/PC Connection Agent" - "Microsoft Corporation" - "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
"SpybotSD TeaTimer" - "Safer-Networking Ltd." - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
-----( HKLM\SOFTWARE\Policies\Microsoft\Windows\System\Scripts\Shutdown )-----
"0" - ? - C:\Programme\Index.dat Suite\IDSuite.exe\IDSuite.exe (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"ACTray" - "Lenovo " - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe
"AVP" - "Kaspersky Lab ZAO" - "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
"AwaySch" - "Lenovo Group Limited" - C:\Programme\Lenovo\AwayTask\AwaySch.EXE
"EZEJMNAP" - "Lenovo Group Ltd." - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
"LENOVO.TPFNF6R" - "Lenovo Group Limited" - C:\Programme\Lenovo\HOTKEY\TPFNF6R.exe
"LPManager" - "Lenovo Group Limited" - C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
"Message Center Plus" - ? - C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe /start
"PSQLLauncher" - "UPEK Inc." - "C:\Programme\ThinkVantage Fingerprint Software\launcher.exe" /startup
"PWRMGRTR" - "Lenovo Group Limited" - rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
"TPHOTKEY" - "Lenovo Group Limited" - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
"TPKMAPHELPER" - "Lenovo" - C:\Programme\ThinkPad\Utilities\TpKmapAp.exe -helper
"TpShocks" - "Lenovo." - TpShocks.exe
[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"IntelNetProvCredMan" - "Intel Corporation" - c:\windows\system32\netprovcredman.dll
[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port" - "Adobe Systems Incorporated." - C:\WINDOWS\system32\AdobePDF.dll
"Bluetooth-Druckeranschluss" - "Broadcom Corporation." - C:\WINDOWS\system32\bthcrp.dll
"pcAnywhere Remote Printing" - "Symantec Corporation" - C:\WINDOWS\system32\awmon.dll
[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Ac Profile Manager Service" (AcPrfMgrSvc) - "Lenovo " - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
"Access Connections Main Service" (AcSvc) - "Lenovo " - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe
"Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
"Anzeige am Bildschirm" (TPHKSVC) - "Lenovo Group Limited" - C:\Programme\LENOVO\HOTKEY\TPHKSVC.exe
"Apache2.2" (Apache2.2) - "Apache Software Foundation" - D:\_SHOP\xampp_mit_virtuemart\apache\bin\httpd.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
"FileZilla Server" (FileZilla Server) - "FileZilla Project" - D:\_SHOP\xampp_mit_virtuemart\FileZillaFTP\FileZilla server.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"IBM KCU Service" (TpKmpSVC) - ? - C:\WINDOWS\system32\TpKmpSVC.exe (File found, but it contains no detailed information)
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
"Intel(R) PROSet/Wireless Service" (S24EventMonitor) - "Intel Corporation " - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
"IPS-Basisservice" (IPSSVC) - "Lenovo Group Limited" - C:\WINDOWS\System32\IPSSVC.EXE
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Kaspersky Anti-Virus Service" (AVP) - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
"Lenovo Microphone Mute" (LENOVO.MICMUTE) - "Lenovo Group Limited" - C:\Programme\LENOVO\HOTKEY\MICMUTE.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"MySQL" (MySQL) - "MySQL AB" - D:\_SHOP\xampp_mit_virtuemart\mysql\bin\mysqld.exe
"pcAnywhere Host-Modul" (awhost32) - "Symantec Corporation" - C:\Programme\Symantec\pcAnywhere\awhost32.exe
"Power Manager DBC Service" (Power Manager DBC Service) - ? - C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
"System Update" (SUService) - "Lenovo Group Limited" - C:\Programme\Lenovo\System Update\SUService.exe
"ThinkPad HDD APS Logging Service" (TPHDEXLGSVC) - "Lenovo." - C:\WINDOWS\System32\TPHDEXLG.exe
"ThinkVantage Registry Monitor Service" (ThinkVantage Registry Monitor Service) - "Lenovo Group Limited" - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
"TVT Scheduler" (TVT Scheduler) - "Lenovo Group Limited" - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
"uvnc_service" (uvnc_service) - "UltraVNC" - C:\Programme\UltraVNC\WinVNC.exe
"VMware Authorization Service" (VMAuthdService) - "VMware, Inc." - C:\Programme\VMware\VMware Server\vmware-authd.exe
"VMware DHCP Service" (VMnetDHCP) - "VMware, Inc." - C:\WINDOWS\system32\vmnetdhcp.exe
"VMware Host Agent" (VMwareHostd) - ? - C:\Programme\VMware\VMware Server\vmware-hostd.exe (File found, but it contains no detailed information)
"VMware NAT Service" (VMware NAT Service) - "VMware, Inc." - C:\WINDOWS\system32\vmnat.exe
"VMware Server Web Access" (VMwareServerWebAccess) - "Apache Software Foundation" - C:\Programme\VMware\VMware Server\tomcat\bin\Tomcat6.exe
"VMware VSS Writer" (vmwriter) - "VMware, Inc." - C:\Programme\VMware\VMware Server\vmVssWriter.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"Windows Presentation Foundation Font Cache 4.0.0.0" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"GinaDLL" - "UPEK Inc." - C:\WINDOWS\system32\vrlogon.dll
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"klogon" - "Kaspersky Lab ZAO" - C:\WINDOWS\system32\klogon.dll
"PCANotify" - "Symantec Corporation" - C:\WINDOWS\system32\PCANotify.dll
"psfus" - "UPEK Inc." - C:\WINDOWS\System32\psqlpwd.dll
"tpfnf2" - ? - C:\Programme\Lenovo\HOTKEY\notifyf2.dll (File found, but it contains no detailed information)
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"VMCI sockets DGRAM" - "VMware, Inc." - C:\Programme\VMware\VMware Server\vsocklib.dll
"VMCI sockets STREAM" - "VMware, Inc." - C:\Programme\VMware\VMware Server\vsocklib.dll
===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
