| |
| |||||||
Log-Analyse und Auswertung: Java-Virus JAVA/Stutter.EWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
30.06.2011, 18:12
| #16 |
 |  Java-Virus JAVA/Stutter.E hier das log von GMER Teil 1: Code:
ATTFilter GMER 1.0.15.15640 - hxxp://www.gmer.net
Rootkit scan 2011-06-30 18:30:15
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK8037GSX rev.DL240D
Running: ybbjneht.exe; Driver: C:\Users\***\AppData\Local\Temp\pxldipob.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwAlpcConnectPort [0x8E4B1570]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwAlpcCreatePort [0x8E4B1E46]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwConnectPort [0x8E4B0FC6]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateFile [0x8E4AA884]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateKey [0x8E4CBFA8]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreatePort [0x8E4B1AD0]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcess [0x8E4C5E42]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcessEx [0x8E4C626A]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateSection [0x8E4D06FE]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0x8E4B1C2E]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteFile [0x8E4AB5B4]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteKey [0x8E4CDA50]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteValueKey [0x8E4CD346]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDuplicateObject [0x8E4C4C26]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey [0x8E4CE41A]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0x8E4CE658]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKeyEx [0x8E4CEB0A]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenFile [0x8E4AB16C]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenProcess [0x8E4C8358]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenThread [0x8E4C7F46]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRenameKey [0x8E4CF4E0]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwReplaceKey [0x8E4CEDD4]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0x8E4B0B5E]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRestoreKey [0x8E4CFF40]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0x8E4B1292]
SSDT 8DED6A63 ZwSetContextThread
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0x8E4AB9BE]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetSecurityObject [0x8E4CFA68]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetValueKey [0x8E4CCA6A]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSystemDebugControl [0x8E4C6F66]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwTerminateProcess [0x8E4C6C96]
SSDT \SystemRoot\system32\DRIVERS\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateUserProcess [0x8E4C66DE]
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 13D 81CDF8A0 8 Bytes [70, 15, 4B, 8E, 46, 1E, 4B, ...]
.text ntkrnlpa.exe!KeSetEvent + 1C1 81CDF924 4 Bytes CALL CCDDBFAA
.text ntkrnlpa.exe!KeSetEvent + 1D9 81CDF93C 4 Bytes [84, A8, 4A, 8E]
.text ntkrnlpa.exe!KeSetEvent + 1E9 81CDF94C 4 Bytes [A8, BF, 4C, 8E]
.text ntkrnlpa.exe!KeSetEvent + 205 81CDF968 12 Bytes [D0, 1A, 4B, 8E, 42, 5E, 4C, ...]
.text ...
? C:\Windows\system32\Drivers\PROCEXP113.SYS Das System kann die angegebene Datei nicht finden. !
? C:\Users\***\AppData\Local\Temp\catchme.sys Das System kann die angegebene Datei nicht finden. !
---- User code sections - GMER 1.0.15 ----
.text C:\Windows\system32\svchost.exe[416] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[416] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wininit.exe[496] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\services.exe[564] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsass.exe[584] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\lsm.exe[592] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\SearchIndexer.exe[652] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[772] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[816] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[888] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1004] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\svchost.exe[1084] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1100] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1244] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1388] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] kernel32.dll!SetUnhandledExceptionFilter 7788A84F 5 Bytes JMP 209B37DD C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWDMP.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1544] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1704] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1756] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1756] USER32.dll!IsWindowUnicode + 37 762690B5 5 Bytes JMP 20C79270 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\System32\spoolsv.exe[1836] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\svchost.exe[1872] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\taskeng.exe[2000] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\Desktop\ybbjneht.exe[2552] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\Explorer.exe[2632] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Users\***\***\Programme\ZoneAlarm\ZoneAlarm\Update3\ZoneAlarm\zlclient.exe[3372] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] ADVAPI32.dll!SetThreadToken 76B58E21 5 Bytes JMP 20C79036 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] ntdll.dll!NtAccessCheckByType 779A4044 5 Bytes JMP 20C78791 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] ntdll.dll!NtAlpcImpersonateClientOfPort 779A4214 5 Bytes JMP 20C78DD9 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] ntdll.dll!NtImpersonateClientOfPort 779A49E4 5 Bytes JMP 20C78D58 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] ntdll.dll!NtSetInformationProcess 779A5324 5 Bytes JMP 20C789AB C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] kernel32.dll!OpenProcess 778A7267 5 Bytes JMP 20C7846C C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] USER32.dll!FindWindowA 76269D76 5 Bytes JMP 20C7828F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] USER32.dll!FindWindowW 7627A441 5 Bytes JMP 20C7825A C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] ADVAPI32.dll!ImpersonateNamedPipeClient 76B43A48 5 Bytes JMP 20C78E5D C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
.text C:\Windows\system32\wuauclt.exe[4072] ADVAPI32.dll!SetThreadToken
|
|
30.06.2011, 18:13
| #17 |
| | Java-Virus JAVA/Stutter.E hier log von GMER Teil 2:
__________________Code:
ATTFilter ---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\system32\svchost.exe[416] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\wininit.exe[496] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\services.exe[564] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\lsass.exe[584] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\lsm.exe[592] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\SearchIndexer.exe[652] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[772] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\System32\svchost.exe[816] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\System32\svchost.exe[1004] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\System32\svchost.exe[1084] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1100] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1244] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[1256] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1388] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1704] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\System32\spoolsv.exe[1836] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\svchost.exe[1872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\taskeng.exe[2000] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Users\***\Desktop\ybbjneht.exe[2552] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\Explorer.exe[2632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[3240] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[3336] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[3344] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Program Files\Common Files\Java\Java Update\jusched.exe[3416] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Program Files\Windows Media Player\wmpnscfg.exe[3464] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Program Files\Windows Media Player\wmpnetwk.exe[3552] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
IAT C:\Windows\system32\wuauclt.exe[4072] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [20C7835C] C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm Browser Security/Check Point Software Technologies)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
|
|
30.06.2011, 19:48
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Java-Virus JAVA/Stutter.E Leg dir bitte mal ein neues Benutzerkonto mit Adminrechten über die Systesteuerung an.
__________________Melde dich ab, log dich im neuen Konto an und probier dort noch die Systemsteuerung aufzurufen.
__________________ |
|
01.07.2011, 00:03
| #19 |
| | Java-Virus JAVA/Stutter.E habe mit "control userpasswords2" über den ausführen-befehl ein neues admin-benutzerkonto angelegt, neu gestartet, dort eingeloggt und die systemsteuerung geht. kann anhand der log-dateien ein oder das problem eingekreist werden? vielen dank und viele grüße. |
|
01.07.2011, 09:05
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java-Virus JAVA/Stutter.E Deinstallier bitte erstmal ZoneAlarm und aktiviere die Windows-Firewall. Bisher hab ich aber noch keinen Hinweis, warum die Systemsteuerung in deinem normal verwendeten Benutzer nicht funktioniert. Weitere Hinweise auf Schädlinge hab ich nicht, vllt ist einfach nur das Benutzerprofil zerschossen.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.07.2011, 09:44
| #21 |
| | Java-Virus JAVA/Stutter.E vielen dank schon mal. das andere ist, dass sich der Regenschirm im Icon meiner Startmenüleiste nicht öffnen lässt. irgendwas ist da, sonst hätte avira ja nicht den stutter.e gemeldet. ich erledige jetzt deine vorschläge. das komische ist, dass ich nichts im internet zu dem stutter.e-virus finde. es gibt verschiedene stutter viren und eine minimale stutter.e-virus beschreibung, aber mehr nicht. |
|
01.07.2011, 10:17
| #22 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java-Virus JAVA/Stutter.EZitat:
Und ich betone nochmal, dass die Logs bisher unauffällig sind, bis auf den Müll im JavaCache 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2011, 10:45
| #23 |
| | Java-Virus JAVA/Stutter.E wie kann ich den müll im javacache löschen? windows firewall ist eingeschalten. wie kann ich gut zonealarm unter vista löschen. habe jetzt alle ZA-deinstall.exe durchgeführt. |
|
01.07.2011, 10:57
| #24 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java-Virus JAVA/Stutter.EZitat:
Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2011, 11:25
| #25 |
| | Java-Virus JAVA/Stutter.E sorry, ich steh auf dem schlauch. ich habe keine ahnung, wie ich manuell den Ordner leere, bzw. wo ich die anleitung zum löschen von java in CCleaner finde. ZA: ich hab da mehrere update-varianten auf meinem rechner. za ist deinstalliert, aber der ordner vom ersten update ist noch da. den lösch ich dann auch einfach, denn die deinstall-routine von diesem ordner geht nicht mehr. |
|
01.07.2011, 12:26
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java-Virus JAVA/Stutter.E Die ANleitung war allgemein für den CCleaner das ist doch im entsprechenden Artikel! Da gibt es keine extra Anleitung zum Haken setzen, du musst doch nur den Haken setzen wie o.g. bei Anwedungen => Sun Java!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2011, 13:45
| #27 |
| | Java-Virus JAVA/Stutter.E okay, habe mit CCleaner den Javacache gelöscht. außerdem alles Zonealarm gelöscht was es gab. avira-schirm und systemsteuerung gehen nicht. kann man herausfinden, ob da doch noch mehr ist? vielleicht ist stutter.e noch nicht genau bekannt? viele grüße und vielen dank! |
|
01.07.2011, 13:47
| #28 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java-Virus JAVA/Stutter.EZitat:
Nimm Avast oder MSE
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.07.2011, 13:51
| #29 |
| | Java-Virus JAVA/Stutter.E . irgendwie hab ich das gefühl, dass ich mich mit meinen fragen dusselig rede, sorry: kann man herausfinden, ob da noch mehr ist? vielleicht ist stutter.e noch nicht genau bekannt? nochmals ganz vielen dank für die mühe! . Geändert von kabuschi (01.07.2011 um 14:03 Uhr) |
|
01.07.2011, 14:10
| #30 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java-Virus JAVA/Stutter.EZitat:
Du musst dir darüber im Klaren sein, dass es keine 100% Sicherheit gibt und du ein System nicht garantiert bereinigen kannst. Also wenn du panische Angst hast da könnte immer noch irgendwas sein musst du auch konsequenterweise das System plätten, alle Partition löschen, neu erstellen, formatieren und eine Neuinstallation von Windows durchführen. Nur dann hast du die Garantie, jeden etwaigen Schädling erwischt zu haben.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Java-Virus JAVA/Stutter.E |
| adware.yabector, aktiv, antivir, beseitigen, erkennen, fenster, geöffnete, java-virus, java/stutter.e, nicht mehr, nicht mehr öffnen, quarantäne, rückmeldung, stutter.e, systems, systemsteuerung, virus, weißes, weißes fenster, öffnen |
Linear-Darstellung
