Pests of all kinds and how to fight them: When trying to uninstall Wiso Steuer 2011, all programs in Start are deleted! | Windows 7 |
06.04.2013, 08:30 | #1 |
| Hello everyone,

I urgently need help, because my laptop has been behaving strangely for a few weeks. Two weeks ago I tried to uninstall Wiso Steuer 2011. The software could be uninstalled without any trouble using the accompanying CD, but right after the uninstallation all programs in Start disappeared one after another. I then ran a system restore on my laptop, but afterwards it only seemed even slower. After that I tried to uninstall Wiso Steuer again, to make sure that the software really was the problem. As suspected, all my programs in Start disappeared again after the uninstallation. They could no longer be found on the local disk (C:) either. So I had to restore the system again. Afterwards I ran Malwarebytes, but nothing was found. I was also unable to install or uninstall any other programs.

Last night I happened to come across your website. Unfortunately I did not find anything on my topic. It may well be down to me that I overlooked something, since this is the first time I am taking part in a forum. So I apologize in advance in case I have done something wrong. In any case, I then made a few more attempts and ran ComboFix, AdwCleaner and TDSSkiller. Unfortunately I still do not know whether I have a virus at all or whether it is down to my Windows system. I am also not sure whether Wiso Steuer 2011 really is the problem.

I have some data for you:
System: Microsoft Windows XP Home Edition Version 2002 Service Pack 3
Manufactured and supported by: ASUS EeePC
________________________________________________________________
I then downloaded defogger and clicked the Disable button. Then I downloaded OTL by OldTimer and saved OTL.txt and Extra.txt to my desktop. Then I ran GMER and saved Gmer.txt to my desktop as well. Now my problem is that all three log files (especially Gmer.txt) are too large and I cannot add them here as attachments. Is there a way to compress them? If so, how?
_______________________________________________________
In the attachments, however, you will find the log files for ComboFix, AdwCleaner and TDSSkiller. I hope these can be useful.

Attachment 52671 Attachment 52672 Attachment 52673 Attachment 52674 Attachment 52675 Attachment 52676 Attachment 52677 Attachment 52678 Attachment 52679 Attachment 52680 Attachment 52681 Attachment 52682
_________________________________________________________
Is the way I have listed things all right? Do you need further information? I really hope you can help me, because I am truly desperate! Many thanks in advance for your support.

Best regards,
pizzi_81 |
09.04.2013, 14:47 | #2 | ||
/// TB-Ausbilder | Hi,
sorry for the delay. Does the problem still exist?
Quote:
Quote:
__________________ |
09.04.2013, 16:36 | #3 | ||
| Hi,
thank you very much for your reply :-) No problem about the delay, that is very understandable given the many requests you receive. So, the problem still exists. I no longer uninstall Wiso Steuer at all, because I then always have to restore the system. That always takes up a lot of time that I do not have at the moment, as I have to write my bachelor's thesis. By now Microsoft Word 2010 is causing problems as well. When I open a file that is too large, or create a Word document of my own, Word crashes in the middle of writing. In many cases I keep losing sentences/text, because Word had not saved everything when it crashed.
Quote:
Quote:
I cannot compress it in 7zip or WinRar either. Is there another way? Once again, many thanks for your support and best regards.
pizzi_81 |
09.04.2013, 16:42 | #4 |
/// TB-Ausbilder | Hi, the issue with the driver is not serious. We can take care of that later. First the logs. Can you paste their contents directly here into the thread, inside code tags? (Like this: [code]logfile contents[/code].) If not all logs fit into the same post, spread them over separate posts.
__________________ cheers, Leo |
09.04.2013, 17:39 | #5 |
| OK, I'll try! Here is OTL.txt first:
ATTFilter OTL logfile created on: 05.04.2013 16:08:07 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Cristina Stefania\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,33% Memory free 3,33 Gb Paging File | 2,76 Gb Available in Paging File | 82,83% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 72,06 Gb Total Space | 35,56 Gb Free Space | 49,34% Space Free | Partition Type: NTFS Drive D: | 72,05 Gb Total Space | 71,46 Gb Free Space | 99,17% Space Free | Partition Type: NTFS Drive G: | 7,39 Gb Total Space | 7,13 Gb Free Space | 96,43% Space Free | Partition Type: FAT32 Drive K: | 931,51 Gb Total Space | 816,43 Gb Free Space | 87,65% Space Free | Partition Type: NTFS Computer Name: CRISTINA | User Name: Cristina Stefania | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.05 16:07:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Cristina Stefania\Eigene Dateien\Downloads\OTL.exe PRC - [2013.04.05 11:33:28 | 003,089,856 | ---- | M] (Emsisoft GmbH) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe PRC - [2013.03.08 12:00:44 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\MsMpEng.exe PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe PRC - [2012.10.19 15:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe PRC - [2012.10.15 12:58:24 | 002,844,608 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe PRC - [2012.10.15 12:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe PRC - [2012.10.11 16:15:04 | 000,108,544 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\KODAK Share Button App\Listener.exe PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2011.10.03 08:30:32 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_5\bin\fbguard.exe PRC - [2011.10.03 08:30:20 | 003,764,224 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_5\bin\fbserver.exe PRC - [2011.07.06 20:25:20 | 000,332,432 | ---- | M] (Expert System S.p.A.) 
-- C:\Programme\Duden\Duden-Rechtschreibprüfung\DKTray.exe PRC - [2011.07.01 12:27:00 | 010,200,240 | ---- | M] (Bibliographisches Institut GmbH) -- C:\Programme\Duden\Duden-Bibliothek\dudenbib.exe PRC - [2009.04.16 19:46:30 | 000,630,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\EeePC\ACPI\AsAcpiSvr.exe PRC - [2009.04.16 18:58:54 | 000,118,784 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\EeePC\ACPI\AsTray.exe PRC - [2009.03.25 10:43:40 | 000,376,832 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe PRC - [2009.03.13 16:15:02 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\EeePC\ACPI\AsEPCMon.exe PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.11.26 14:54:22 | 001,629,480 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero 7\InCD\NBHGui.exe PRC - [2007.11.26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe PRC - [2007.11.26 14:54:02 | 001,057,064 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero 7\InCD\InCD.exe PRC - [2007.09.17 09:36:18 | 001,377,576 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe ========== Modules (No Company Name) ========== MOD - [2013.03.08 12:00:38 | 003,069,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2013.02.13 18:27:55 | 000,298,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\8b01c45039261ef4150bb6b270d1c74f\Inkjet.Automation.ni.dll MOD - [2013.02.13 18:27:49 | 000,095,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\d4eee885eacc8998377fbdd51c5609a0\Inkjet.DeviceSettings.ni.dll MOD - [2013.02.13 18:27:48 | 000,236,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\25656dffe9a855c247bb288f2d204d9f\Inkjet.Localization.ni.dll MOD - [2013.02.13 18:27:46 | 000,302,592 | ---- | M] () -- 
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\b7b3b0789757a620eda5338bef36c381\Inkjet.Utilities.ni.dll MOD - [2013.02.13 18:27:44 | 000,890,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\463e4575df85e896c197618b4c073def\Inkjet.Hardware.ni.dll MOD - [2013.02.13 18:27:34 | 000,107,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\decf9d95c3df2ef822e0c48d1efba8c8\Inkjet.Diagnostics.ni.dll MOD - [2013.02.13 18:23:43 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\024c898ad1ccfde466d033c0a08d0564\Microsoft.VisualBasic.ni.dll MOD - [2013.02.13 18:16:40 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll MOD - [2013.02.13 18:07:53 | 013,198,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\de3e6b59e3949f8086973d53518a9ecb\System.Windows.Forms.ni.dll MOD - [2013.01.10 21:31:11 | 000,161,792 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\9fe9ee3a09926aa88b59f266ddcc192f\Interop.EKAiO2SDKLib.ni.dll MOD - [2013.01.10 21:31:07 | 000,179,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\83d36c5c44a800ec1880ea8a9b7bd7db\Inkjet.Statistics.ni.dll MOD - [2013.01.10 21:31:03 | 000,078,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\f2554db13b4f250f3e005f6a1b0b9d06\Inkjet.Configuration.ni.dll MOD - [2013.01.10 21:29:45 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\32b515633fcbcc6dad09b9dd09f2fc2f\System.Runtime.Remoting.ni.dll MOD - [2013.01.10 21:13:38 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll MOD - 
[2013.01.10 21:12:50 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll MOD - [2013.01.10 21:02:06 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013.01.10 21:00:58 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll MOD - [2013.01.10 20:55:45 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013.01.10 20:54:37 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2013.01.09 23:14:29 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\197761bb3230bf9d4f540305dcf6717c\System.Configuration.ni.dll MOD - [2013.01.09 23:13:30 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8ba0620535aa28d509b9397500b7d530\System.Drawing.ni.dll MOD - [2013.01.09 23:12:44 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6d9da56c9f607615b55d6742d8427d\System.Xml.ni.dll MOD - [2013.01.09 23:12:25 | 009,093,120 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\c182d7a0bd88caf2cddccb7491a5fa6e\System.ni.dll MOD - [2013.01.09 23:12:03 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2012.12.18 16:28:26 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2011.07.01 12:37:40 | 000,116,736 | ---- | M] () -- C:\Programme\Duden\Duden-Rechtschreibprüfung\MBControls.dll MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- 
| M] () -- C:\WINDOWS\system32\msdmo.dll ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013.04.05 11:33:28 | 003,089,856 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Programme\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2013.03.25 03:00:46 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.03.08 12:00:40 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.10.19 17:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.10.19 15:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service) SRV - [2012.10.15 12:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Programme\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service) SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) 
[Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2011.10.03 08:30:32 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance) SRV - [2011.10.03 08:30:20 | 003,764,224 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance) SRV - [2011.07.01 11:46:40 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService) SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2007.11.26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv) SRV - [2007.06.27 18:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | 
On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\CRISTI~1\LOKALE~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio) DRV - [2013.04.05 11:33:50 | 000,022,056 | ---- | M] (Emsisoft GmbH) [Kernel | System | Running] -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA) DRV - [2012.04.30 17:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2011.07.01 11:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2010.04.28 08:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2009.11.04 17:59:38 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009.04.27 13:26:44 | 005,074,944 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2009.04.20 10:38:18 | 000,232,872 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service) DRV - [2009.03.13 23:05:26 | 001,528,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416) DRV - [2009.03.02 07:03:47 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c) DRV - [2008.11.19 10:21:28 | 000,039,040 | ---- | M] (GenesysLogic Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uvclf.sys -- (uvclf) DRV - [2008.08.05 14:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008.04.08 15:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI) DRV - [2007.11.26 14:54:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm) DRV - [2007.11.26 14:54:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass) DRV - [2007.11.26 14:54:12 | 000,016,040 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec) DRV - [2007.11.26 14:54:02 | 000,118,952 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs) DRV - [2006.01.04 09:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 57 0E 72 82 31 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9 FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3 FF - prefs.js..extensions.enabledItems: 
jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}:2.7.2.0 FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1451 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30 FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:3.6.0.10 FF - prefs.js..extensions.enabledItems: {7e111a5c-3d11-4f56-9463-5310c3c69025}:3.8.0.8 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@digitalpublishing.de/dpLaunch: H:\digital publishing\LAUNCHER_12_999999\nplaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Programme\Yahoo!\Common\npyaxmpb.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Programme\Java\jre6\lib\deploy\jqs\ff FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.03.08 12:00:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.03.08 11:59:16 | 000,000,000 | ---D | M] [2009.07.25 10:32:05 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Mozilla\Extensions [2013.04.05 15:22:56 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Mozilla\Firefox\Profiles\tbshqzeq.default\extensions [2010.05.05 13:58:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Mozilla\Firefox\Profiles\tbshqzeq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013.02.11 12:58:00 | 000,197,603 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Mozilla\Firefox\Profiles\tbshqzeq.default\extensions\ftdownloader2@ftdownloader.com.xpi [2012.12.12 00:02:50 | 000,036,098 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Mozilla\Firefox\Profiles\tbshqzeq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2013.03.08 11:58:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.03.08 11:58:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.03.08 11:58:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla 
Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013.03.08 11:58:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.03.08 11:58:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013.03.08 12:00:45 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2013.01.13 16:10:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.13 16:10:12 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2013.01.13 16:10:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2013.01.13 16:10:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.13 16:10:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2013.01.13 16:10:12 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.04.04 22:28:03 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No CLSID value found. O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No CLSID value found. O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AsusACPIServer] C:\Programme\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AsusEPCMonitor] C:\Programme\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [AsusTray] C:\Programme\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.) 
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation) O4 - HKLM..\Run: [EKStatusMonitor] C:\Programme\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company) O4 - HKLM..\Run: [emsisoft anti-malware] C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [InCD] C:\Programme\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [KodakShareButtonApp] C:\Programme\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company) O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [SecurDisc] C:\Programme\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [SynAsusAcpi] C:\Programme\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKCU..\Run: [Duden Korrektor SysTray] C:\Programme\Duden\Duden-Rechtschreibprüfung\DKTray.exe (Expert System S.p.A.) O4 - HKCU..\Run: [KGShareApp] C:\Programme\Kodak\KODAK Share Button App\KGShare_App.exe (Eastman Kodak Company) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\ SuperHybridEngine.lnk = C:\Programme\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1347658605125 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A1397AD-E916-4D91-9095-D3D9B0039754}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Cristina Stefania\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Cristina Stefania\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.13 21:41:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.05 15:30:28 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Recent
[2013.04.05 14:11:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.04.05 10:47:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware
[2013.04.05 10:44:38 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2013.04.05 10:44:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Eigene Dateien\Anti-Malware
[2013.04.05 10:10:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.04.05 02:37:10 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.04.05 02:26:31 | 000,000,000 | ---D | C] -- C:\Programme\Windows Defender
[2013.04.05 00:12:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.04.04 23:16:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013.04.04 22:02:44 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.04.04 21:59:00 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.04.04 21:59:00 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.04.04 21:59:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.04.04 21:59:00 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.04.04 21:58:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\PCHealth
[2013.04.04 21:57:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.04 21:56:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.03.25 22:21:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Duden
[2013.03.25 22:19:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\License
[2013.03.25 22:18:35 | 000,000,000 | ---D | C] -- C:\Programme\Duden
[2013.03.25 20:14:00 | 000,000,000 | ---D | C] -- C:\Programme\Windows Installer Clean Up
[2013.03.25 03:33:27 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2013.03.25 02:28:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Glary Utilities
[2013.03.25 01:15:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013.03.25 01:14:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WISO Steuer 2011
[2013.03.25 01:14:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\UN.CO.VER
[2013.03.25 01:14:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Freemake
[2013.03.25 01:14:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CPUID
[2013.03.25 01:14:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Any Video Converter
[2013.03.25 01:14:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AnvSoft
[2013.03.25 01:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EPSON
[2013.03.25 01:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CyberLink DVD Suite
[2013.03.25 01:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2013.03.25 01:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ASUS
[2013.03.25 01:14:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Firebird 2.5 (Win32)
[2013.03.25 01:14:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EPSON Scan
[2013.03.25 01:14:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EPSON PRINT Image Framer
[2013.03.25 01:14:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EPSON Creativity Suite
[2013.03.25 01:14:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.03.25 01:14:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kodak
[2013.03.25 01:14:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\IncrediMail
[2013.03.25 01:14:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\NAVIGON
[2013.03.25 01:14:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works
[2013.03.25 01:14:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
[2013.03.25 01:14:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
[2013.03.25 01:14:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2013.03.25 01:14:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PrintProjects
[2013.03.25 01:14:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\OpenVPN
[2013.03.25 01:14:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nero 7 Essentials
[2013.03.25 01:14:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WinRAR
[2013.03.25 01:14:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows PowerShell 1.0
[2013.03.25 01:14:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Live
[2013.03.25 01:14:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2013.03.25 01:14:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Video Related Programs
[2013.03.25 01:09:20 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2013.03.25 00:33:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Dropbox(3)
[2013.03.24 23:53:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Dropbox(2)
[2013.03.24 20:30:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Datei-Wiederherstellung
[2013.03.24 19:11:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\GlarySoft
[2013.03.24 18:57:07 | 000,000,000 | ---D | C] -- C:\Programme\Glary Utilities
[2013.03.22 13:46:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Eigene Dateien\Steuer
[2013.03.22 09:09:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.03.21 16:51:05 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java(2)
[2013.03.20 17:02:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\ESET
[2013.03.08 11:58:18 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.04.05 16:02:47 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Cristina Stefania\defogger_reenable
[2013.04.05 16:00:24 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.05 15:35:45 | 000,000,386 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.04.05 15:30:05 | 000,531,010 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.04.05 15:30:05 | 000,505,868 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.05 15:30:05 | 000,107,220 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.04.05 15:30:05 | 000,089,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.04.05 15:25:41 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2013.04.05 15:25:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.05 10:47:31 | 000,000,738 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2013.04.05 02:29:50 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013.04.05 02:23:13 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.05 02:21:05 | 005,155,328 | ---- | M] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\windowsdefender.msi
[2013.04.05 00:24:17 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E34867DB-A108-43B1-9F1F-2C4BEDBD1394}.job
[2013.04.04 22:28:03 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.04.04 22:02:49 | 000,000,328 | RHS- | M] () -- C:\boot.ini
[2013.04.04 20:19:33 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2013.04.04 11:35:49 | 000,000,625 | ---- | M] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\RegCleaner.lnk
[2013.03.25 03:34:16 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.03.25 02:28:26 | 000,000,713 | ---- | M] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\Glary Utilities.lnk
[2013.03.22 14:19:11 | 000,002,154 | ---- | M] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\SAS7_000.DAT
[2013.03.07 23:24:59 | 000,008,628 | ---- | M] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\images.jpeg
[2013.03.07 09:07:13 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.04.05 16:02:47 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\defogger_reenable
[2013.04.05 10:47:31 | 000,000,738 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Emsisoft Anti-Malware.lnk
[2013.04.05 02:29:45 | 000,000,322 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013.04.05 02:26:38 | 000,001,085 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Defender.lnk
[2013.04.05 02:20:51 | 005,155,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\windowsdefender.msi
[2013.04.05 00:20:40 | 000,000,442 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{E34867DB-A108-43B1-9F1F-2C4BEDBD1394}.job
[2013.04.04 22:02:49 | 000,000,212 | ---- | C] () -- C:\Boot.bak
[2013.04.04 22:02:46 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.04.04 21:59:00 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.04.04 21:59:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.04.04 21:59:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.04.04 21:59:00 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.04.04 21:59:00 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.04.04 20:19:33 | 000,000,298 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2013.04.04 11:35:48 | 000,000,625 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\RegCleaner.lnk
[2013.03.25 20:14:01 | 000,002,343 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Startmenü\Programme\Windows Install Clean Up.lnk
[2013.03.25 03:33:57 | 000,001,678 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Security Essentials.lnk
[2013.03.25 02:28:26 | 000,000,713 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\Glary Utilities.lnk
[2013.03.24 18:57:54 | 000,000,330 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2013.03.20 21:20:12 | 000,000,386 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.03.07 23:24:52 | 000,008,628 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Desktop\images.jpeg
[2013.03.07 09:07:13 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.08 18:10:43 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012.11.08 18:10:43 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.10.15 10:50:08 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\EKaio2WiaCoInstRes.dll
[2012.09.24 14:31:08 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\EKaio2WiaCoInst.ini
[2012.08.27 02:27:37 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012.07.01 14:11:30 | 000,000,053 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\mbam.context.scan
[2012.04.24 21:41:56 | 000,001,411 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\fotobuch.xml
[2012.04.24 21:40:11 | 000,192,570 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\fotobuch-tcache.xml
[2012.04.24 21:40:10 | 000,035,916 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\fotobuch-cache7.xml
[2012.02.16 16:57:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.14 18:36:40 | 000,067,806 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\WavePad.dmp
[2012.01.22 17:36:19 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.08.23 16:34:14 | 000,002,154 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\SAS7_000.DAT
[2011.08.15 23:08:51 | 000,043,672 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dudenbib.wav
[2011.08.02 22:09:30 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI
[2011.08.01 21:42:16 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2011.08.01 21:42:05 | 000,065,024 | ---- | C] () -- C:\WINDOWS\IFinst26.exe
[2011.06.15 17:32:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\StyleChecker.license
[2011.01.26 23:30:40 | 000,298,182 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-3460552087-306301718-1229869036-1006-0.dat
[2010.11.02 01:09:00 | 000,330,938 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2009.10.16 15:08:03 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2009.07.25 15:57:28 | 000,003,092 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\wklnhst.dat
[2009.07.25 15:53:54 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Cristina Stefania\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

========== ZeroAccess Check ==========

[2009.05.13 22:39:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.03.03 01:10:15 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.12.10 23:01:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2010.12.10 22:46:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG10
[2010.12.03 23:16:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avg9
[2010.01.28 21:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\bbc
[2012.12.12 16:43:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2010.12.03 23:23:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2009.07.26 17:01:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2012.09.23 18:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DFX
[2012.01.07 12:42:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Duden
[2009.08.02 19:35:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2012.06.16 20:29:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gibraltar
[2011.04.22 13:42:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2011.04.22 13:37:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2010.12.03 23:14:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2012.09.01 11:35:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2011.08.23 15:25:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nuance
[2009.12.11 15:38:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Oberon Media
[2012.07.01 18:57:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCRx
[2011.04.22 13:41:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Photo Notifier and Animation Creator
[2012.11.02 18:44:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PrintProjects
[2009.12.11 15:39:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sandlot Games
[2012.07.09 22:01:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2012.01.07 15:16:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SpywareTerminator2012Upgrade
[2012.06.16 19:44:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software
[2009.08.09 21:22:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.01.20 23:25:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2012.10.30 14:22:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Visan
[2012.07.09 23:04:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone
[2009.05.13 22:29:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Wireless LAN Card
[2009.08.09 21:21:32 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
[2012.01.02 22:17:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2012.01.11 17:20:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A0559A84-0A11-425F-BFFC-532378694B25}
[2013.01.13 18:19:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C585085B-79A8-423C-B04B-77DD30E9C195}
[2010.01.07 01:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\AnvSoft
[2011.02.21 18:04:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Any Video Converter
[2012.08.04 12:40:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Audacity
[2012.12.11 23:48:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Buhl Data Service
[2011.08.20 15:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\DataCast
[2013.03.25 01:09:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Dropbox(2)
[2013.03.25 01:04:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Dropbox(3)
[2012.08.28 23:45:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Duden
[2013.02.11 15:08:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\DVDVideoSoft
[2013.04.04 12:29:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\ElevatedDiagnostics
[2010.09.15 13:47:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\EPSON
[2013.03.20 17:02:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\ESET
[2012.04.24 21:40:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Fotobuch-Vorlagen
[2013.03.24 19:40:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\GlarySoft
[2011.07.01 21:56:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\NCH Swift Sound
[2011.01.20 22:18:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Power Sound Editor Free
[2011.08.18 17:29:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Speak-A-Message
[2012.06.16 20:29:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Swiss Academic Software
[2011.12.29 20:47:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Temp
[2009.07.27 12:22:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Template
[2011.01.27 18:13:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Uniblue
[2012.11.02 18:44:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Cristina Stefania\Anwendungsdaten\Visan

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 05.04.2013 16:08:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Cristina Stefania\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 78,33% Memory free
3,33 Gb Paging File | 2,76 Gb Available in Paging File | 82,83% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 72,06 Gb Total Space | 35,56 Gb Free Space | 49,34% Space Free | Partition Type: NTFS
Drive D: | 72,05 Gb Total Space | 71,46 Gb Free Space | 99,17% Space Free | Partition Type: NTFS
Drive G: | 7,39 Gb Total Space | 7,13 Gb Free Space | 96,43% Space Free | Partition Type: FAT32
Drive K: | 931,51 Gb Total Space | 816,43 Gb Free Space | 87,65% Space Free | Partition Type: NTFS

Computer Name: CRISTINA | User Name: Cristina Stefania | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5353:UDP" = 5353:UDP:*:Disabled:Bonjour Port 5353
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Programme\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company)
"C:\Programme\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Programme\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company)
"C:\Programme\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Programme\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company)
"C:\Programme\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Programme\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kodak\Installer\Setup.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programme\Microsoft AutoRoute\AutoRoute Express Europa 98\AutoRoute Express EUR 98.exe" = C:\Programme\Microsoft AutoRoute\AutoRoute Express Europa 98\AutoRoute Express EUR 98.exe:*:Enabled:AutoRoute Express Europa 98 -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer 2011
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F9F096B-9EF0-43A2-91C8-4613835312F7}" = Z-defragRAM
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1526AF0F-C293-4383-8143-139A618FE4EA}" = Client Windows Rights Management con Service Pack 2
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{19F5658D-92E8-4A08-8657-D38ABB1574B2}" = Asus ACPI Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 39
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = USB2.0 UVC Camera Device
"{45B3A3BD-F90D-48FE-A147-D74878A51031}" = Nero 7 Essentials
"{45C5C113-AD43-414B-867D-7C0AF54276CB}" = Duden-Rechtschreibprüfung PLUS
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47BACF74-5A07-48BD-BADB-A769550F0F5A}" = FontResizer
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN Card
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 14
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9BDA46B-2E17-4F43-9D7A-9B1E09A0A4D8}" = Data Sync
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE90CE58-41DE-4708-9291-A9D1D49B1031}" = SecurDisc Viewer
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 compatibilità versioni precedenti Client Windows Rights Management
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5930CDE-2FF5-4A8D-9DBD-3177C816D4A9}" = KODAK Share-Tastenanwendung
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CCleaner" = CCleaner
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Eee Docking_is1" = Eee Docking 1.3.1.0
"EeePC1005HA" = EeePC1005HA Screen Saver
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"ESDX4800_4200 Benutzerhandbuch" = ESDX4800_4200 Benutzerhandbuch
"FBDBServer_2_5_is1" = Firebird 2.5.1.26351 (Win32)
"Glary Utilities_is1" = Glary Utilities 2.54.0.1758
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft AutoRoute Express EUR" = Microsoft AutoRoute Express Europa 98
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NAVIGON Fresh" = NAVIGON Fresh 3.2.0
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenVPN" = OpenVPN 2.2.1
"PhotoStage" = PhotoStage Slideshow Producer
"PrintProjects" = PrintProjects
"Switch" = Switch Audiodatei-Konverter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.9
"WavePad" = WavePad Audiobearbeitungs-Software
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 04.04.2013 05:28:49 | Computer Name = CRISTINA | Source = MsiInstaller | ID = 11310
Description = Product: ESET NOD32 Antivirus -- Fehler 1310. Fehler beim Schreiben in Datei: C:\Programme\ESET\ESET NOD32 Antivirus\callmsi.exe. Systemfehler 0. Überprüfen Sie, ob Sie auf das Verzeichnis zugreifen können.

Error - 04.04.2013 15:58:36 | Computer Name = CRISTINA | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 04.04.2013 20:21:29 | Computer Name = CRISTINA | Source = MsiInstaller | ID = 11327
Description = Produkt: Windows Defender -- Fehler 1327. Ungültiges Laufwerk: K:\

Error - 05.04.2013 03:57:12 | Computer Name = CRISTINA | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

[ System Events ]
Error - 05.04.2013 03:50:32 | Computer Name = CRISTINA | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_EPFWTDIR\0000" wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error - 05.04.2013 03:51:04 | Computer Name = CRISTINA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 05.04.2013 03:51:12 | Computer Name = CRISTINA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 05.04.2013 03:52:13 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%2

Error - 05.04.2013 03:52:13 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

Error - 05.04.2013 03:56:11 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7034
Description = Dienst "Skype C2C Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 05.04.2013 09:17:23 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%2

Error - 05.04.2013 09:17:23 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

Error - 05.04.2013 09:25:43 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%2

Error - 05.04.2013 09:25:43 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

< End of report >
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER "{B9BDA46B-2E17-4F43-9D7A-9B1E09A0A4D8}" = Data Sync "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE90CE58-41DE-4708-9291-A9D1D49B1031}" = SecurDisc Viewer "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C72CA49A-9237-4810-8449-45DA3BD26D64}" = EzMessenger "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EC905264-BCFE-423B-9C42-C3A106266790}" = SP2 compatibilità versioni precedenti Client Windows Rights Management "{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery "{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5930CDE-2FF5-4A8D-9DBD-3177C816D4A9}" = KODAK Share-Tastenanwendung "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "CCleaner" = CCleaner "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "Eee Docking_is1" = Eee Docking 1.3.1.0 "EeePC1005HA" = EeePC1005HA Screen Saver "EPSON Printer and Utilities" = EPSON-Drucker-Software "EPSON Scanner" = EPSON Scan "ESDX4800_4200 Benutzerhandbuch" = ESDX4800_4200 Benutzerhandbuch "FBDBServer_2_5_is1" = Firebird 
2.5.1.26351 (Win32) "Glary Utilities_is1" = Glary Utilities 2.54.0.1758 "HDMI" = Intel(R) Graphics Media Accelerator Driver "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft AutoRoute Express EUR" = Microsoft AutoRoute Express Europa 98 "Microsoft Security Client" = Microsoft Security Essentials "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NAVIGON Fresh" = NAVIGON Fresh 3.2.0 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Office14.SingleImage" = Microsoft Office Home and Student 2010 "OpenVPN" = OpenVPN 2.2.1 "PhotoStage" = PhotoStage Slideshow Producer "PrintProjects" = PrintProjects "Switch" = Switch Audiodatei-Konverter "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 1.1.9 "WavePad" = WavePad Audiobearbeitungs-Software "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.20 (32-Bit) "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 04.04.2013 05:28:49 | Computer Name = CRISTINA | Source = MsiInstaller | ID = 11310
Description = Product: ESET NOD32 Antivirus -- Fehler 1310. Fehler beim Schreiben in Datei: C:\Programme\ESET\ESET NOD32 Antivirus\callmsi.exe. Systemfehler 0. Überprüfen Sie, ob Sie auf das Verzeichnis zugreifen können.

Error - 04.04.2013 15:58:36 | Computer Name = CRISTINA | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 04.04.2013 20:21:29 | Computer Name = CRISTINA | Source = MsiInstaller | ID = 11327
Description = Produkt: Windows Defender -- Fehler 1327. Ungültiges Laufwerk: K:\

Error - 05.04.2013 03:57:12 | Computer Name = CRISTINA | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

[ System Events ]
Error - 05.04.2013 03:50:32 | Computer Name = CRISTINA | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_EPFWTDIR\0000" wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error - 05.04.2013 03:51:04 | Computer Name = CRISTINA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 05.04.2013 03:51:12 | Computer Name = CRISTINA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 05.04.2013 03:52:13 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%2

Error - 05.04.2013 03:52:13 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

Error - 05.04.2013 03:56:11 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7034
Description = Dienst "Skype C2C Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 05.04.2013 09:17:23 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%2

Error - 05.04.2013 09:17:23 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

Error - 05.04.2013 09:25:43 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%2

Error - 05.04.2013 09:25:43 | Computer Name = CRISTINA | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

< End of report > |
09.04.2013, 17:49 | #6 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start get deleted! Sorry!!! I made a mistake. Here is the Gmer.txt, split into several parts: GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-04-05 20:22:11 Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.FB2O 149,05GB Running: gmer_2.1.19163(1).exe; Driver: C:\DOKUME~1\CRISTI~1\LOKALE~1\Temp\fxldqpoc.sys ---- System - GMER 2.1 ----
|
09.04.2013, 17:50 | #7 |
| Continuing with Gmer.txt: Code:
|
09.04.2013, 17:51 | #8 |
| ..... Code:
|
09.04.2013, 17:52 | #9 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start get deleted! ..... Code:
|
09.04.2013, 17:54 | #10 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start get deleted! ..... Code:
C:\WINDOWS\system32\Secur32.dll 0x77FC0000 Library C:\WINDOWS\system32\BROWSEUI.dll 0x75F20000 Library C:\WINDOWS\system32\GDI32.dll 0x77EF0000 Library C:\WINDOWS\system32\USER32.dll 0x7E360000 Library C:\WINDOWS\system32\msvcrt.dll 0x77BE0000 Library C:\WINDOWS\system32\ole32.dll 0x774B0000 Library C:\WINDOWS\system32\SHLWAPI.dll 0x77F40000 Library C:\WINDOWS\system32\OLEAUT32.dll 0x770F0000 Library C:\WINDOWS\system32\SHDOCVW.dll 0x7E1E0000 Library C:\WINDOWS\system32\CRYPT32.dll 0x77A50000 Library C:\WINDOWS\system32\MSASN1.dll 0x77AF0000 Library C:\WINDOWS\system32\CRYPTUI.dll 0x76880000 Library C:\WINDOWS\system32\NETAPI32.dll 0x597D0000 Library C:\WINDOWS\system32\VERSION.dll 0x77BD0000 Library C:\WINDOWS\system32\WININET.dll 0x408B0000 Library C:\WINDOWS\system32\Normaliz.dll 0x00400000 Library C:\WINDOWS\system32\urlmon.dll 0x452E0000 Library C:\WINDOWS\system32\iertutil.dll 0x40F50000 Library C:\WINDOWS\system32\WINTRUST.dll 0x76BF0000 Library C:\WINDOWS\system32\IMAGEHLP.dll 0x76C50000 Library C:\WINDOWS\system32\WLDAP32.dll 0x76F20000 Library C:\WINDOWS\system32\SHELL32.dll 0x7E670000 Library C:\WINDOWS\system32\UxTheme.dll 0x5B0F0000 Library C:\WINDOWS\system32\ShimEng.dll 0x5CF00000 Library C:\WINDOWS\AppPatch\AcGenral.DLL 0x6FD90000 Library C:\WINDOWS\system32\WINMM.dll 0x76AF0000 Library C:\WINDOWS\system32\MSACM32.dll 0x77BB0000 Library C:\WINDOWS\system32\USERENV.dll 0x76620000 Library C:\WINDOWS\system32\IMM32.DLL 0x76330000 Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll 0x773A0000 Library C:\WINDOWS\system32\comctl32.dll 0x5D450000 Library C:\WINDOWS\system32\msctfime.ime 0x75250000 Library C:\WINDOWS\system32\appHelp.dll 0x77B10000 Library C:\WINDOWS\system32\CLBCATQ.DLL 0x76F90000 Library C:\WINDOWS\system32\COMRes.dll 0x77010000 Library C:\WINDOWS\System32\cscui.dll 0x779F0000 Library C:\WINDOWS\System32\CSCDLL.dll 0x765A0000 Library C:\WINDOWS\system32\themeui.dll 
0x5B9B0000 Library C:\WINDOWS\system32\MSIMG32.dll 0x76320000 Library C:\WINDOWS\system32\xpsp2res.dll 0x01100000 Library C:\WINDOWS\system32\msutb.dll 0x60010000 Library C:\WINDOWS\system32\MSCTF.dll 0x746A0000 Library C:\WINDOWS\system32\SAMLIB.dll 0x71B70000 Library C:\WINDOWS\system32\LINKINFO.dll 0x76930000 Library C:\WINDOWS\system32\ntshrui.dll 0x76940000 Library C:\WINDOWS\system32\ATL.DLL 0x76AD0000 Library C:\WINDOWS\system32\msi.dll 0x3FDE0000 Library C:\WINDOWS\system32\SETUPAPI.dll 0x778F0000 Library C:\WINDOWS\system32\ieframe.dll 0x41140000 Library C:\WINDOWS\system32\NETSHELL.dll 0x763A0000 Library C:\WINDOWS\system32\credui.dll 0x76BC0000 Library C:\WINDOWS\system32\dot3api.dll 0x5F8F0000 Library C:\WINDOWS\system32\rtutils.dll 0x76E40000 Library C:\WINDOWS\system32\dot3dlg.dll 0x71260000 Library C:\WINDOWS\system32\OneX.DLL 0x72760000 Library C:\WINDOWS\system32\WTSAPI32.dll 0x76F10000 Library C:\WINDOWS\system32\WINSTA.dll 0x76300000 Library C:\WINDOWS\system32\eappcfg.dll 0x6DB40000 Library C:\WINDOWS\system32\MSVCP60.dll 0x76020000 Library C:\WINDOWS\system32\eappprxy.dll 0x47700000 Library C:\WINDOWS\system32\iphlpapi.dll 0x76D20000 Library C:\WINDOWS\system32\WS2_32.dll 0x71A10000 Library C:\WINDOWS\system32\WS2HELP.dll 0x71A00000 Library C:\PROGRA~1\WIFD1F~1\MpShHook.dll 0x5F800000 Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll 0x78130000 Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll 0x7C420000 Library C:\WINDOWS\system32\rsaenh.dll 0x68000000 Library C:\WINDOWS\system32\webcheck.dll 0x00CF0000 Library C:\WINDOWS\system32\MLANG.dll 0x75DC0000 Library C:\WINDOWS\system32\stobject.dll 0x765C0000 Library C:\WINDOWS\system32\BatMeter.dll 0x74A70000 Library C:\WINDOWS\system32\POWRPROF.dll 0x74A50000 Library C:\WINDOWS\system32\WPDShServiceObj.dll 0x164A0000 Library C:\WINDOWS\system32\WINHTTP.dll 0x4D5C0000 Library 
C:\WINDOWS\system32\mydocs.dll 0x723A0000 Library C:\WINDOWS\system32\PortableDeviceTypes.dll 0x109C0000 Library C:\WINDOWS\system32\PortableDeviceApi.dll 0x10930000 Library C:\WINDOWS\system32\wdmaud.drv 0x72C90000 Library C:\WINDOWS\system32\msacm32.drv 0x72C80000 Library C:\WINDOWS\system32\midimap.dll 0x77BA0000 Library C:\WINDOWS\system32\WZCSAPI.DLL 0x72FA0000 Library C:\WINDOWS\system32\MPR.dll 0x71A80000 Library C:\WINDOWS\System32\drprov.dll 0x75F00000 Library C:\WINDOWS\System32\ntlanman.dll 0x71B90000 Library C:\WINDOWS\System32\NETUI0.dll 0x71C50000 Library C:\WINDOWS\System32\NETUI1.dll 0x71C10000 Library C:\WINDOWS\System32\NETRAP.dll 0x71C00000 Library C:\WINDOWS\System32\davclnt.dll 0x75F10000 Library C:\WINDOWS\system32\browselc.dll 0x71600000 Library C:\WINDOWS\system32\DUSER.dll 0x6C670000 Library C:\WINDOWS\system32\MSGINA.dll 0x75910000 Library C:\WINDOWS\system32\ODBC32.dll 0x745D0000 Library C:\WINDOWS\system32\comdlg32.dll 0x76350000 Library C:\WINDOWS\system32\odbcint.dll 0x1F840000 Library C:\WINDOWS\system32\sti.dll 0x73B10000 Library C:\WINDOWS\system32\CFGMGR32.dll 0x74A60000 Library C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll 0x10000000 Library C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCP90.dll 0x78480000 Library C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\MSVCR90.dll 0x78520000 Library C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU 0x03900000 Library C:\WINDOWS\system32\shdoclc.dll 0x71800000 Library C:\WINDOWS\system32\msxml3.dll 0x74900000 Library C:\WINDOWS\system32\wzcdlg.dll 0x4F4A0000 Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation SIGNED)(2009-05-13 19:29:30) 1064 Library C:\WINDOWS\system32\svchost.exe 0x01000000 Library C:\WINDOWS\system32\ntdll.dll 0x7C910000 Library C:\WINDOWS\system32\kernel32.dll 0x7C800000 Library 
C:\WINDOWS\system32\ADVAPI32.dll 0x77DA0000 Library C:\WINDOWS\system32\RPCRT4.dll 0x77E50000 Library C:\WINDOWS\system32\Secur32.dll 0x77FC0000 Library C:\WINDOWS\system32\ShimEng.dll 0x5CF00000 Library C:\WINDOWS\AppPatch\AcGenral.DLL 0x6FD90000 Library C:\WINDOWS\system32\USER32.dll 0x7E360000 Library C:\WINDOWS\system32\GDI32.dll 0x77EF0000 Library C:\WINDOWS\system32\WINMM.dll 0x76AF0000 Library C:\WINDOWS\system32\ole32.dll 0x774B0000 Library C:\WINDOWS\system32\msvcrt.dll 0x77BE0000 Library C:\WINDOWS\system32\OLEAUT32.dll 0x770F0000 Library C:\WINDOWS\system32\MSACM32.dll 0x77BB0000 Library C:\WINDOWS\system32\VERSION.dll 0x77BD0000 Library C:\WINDOWS\system32\SHELL32.dll 0x7E670000 Library C:\WINDOWS\system32\SHLWAPI.dll 0x77F40000 Library C:\WINDOWS\system32\USERENV.dll 0x76620000 Library C:\WINDOWS\system32\UxTheme.dll 0x5B0F0000 Library C:\WINDOWS\system32\IMM32.DLL 0x76330000 Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll 0x773A0000 Library C:\WINDOWS\system32\comctl32.dll 0x5D450000 Library C:\WINDOWS\system32\NTMARTA.DLL 0x77660000 Library C:\WINDOWS\system32\SAMLIB.dll 0x71B70000 Library C:\WINDOWS\system32\WLDAP32.dll 0x76F20000 Library C:\WINDOWS\system32\xpsp2res.dll 0x00630000 Library c:\windows\system32\webclnt.dll 0x5AA50000 Library C:\WINDOWS\system32\WININET.dll 0x408B0000 Library C:\WINDOWS\system32\Normaliz.dll 0x00950000 Library C:\WINDOWS\system32\urlmon.dll 0x452E0000 Library C:\WINDOWS\system32\iertutil.dll 0x40F50000 Library c:\windows\system32\WS2_32.dll 0x71A10000 Library c:\windows\system32\WS2HELP.dll 0x71A00000 |
09.04.2013, 17:55 | #11 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start are deleted! .... Code:
09.04.2013, 17:58 | #12 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start are deleted! .... Code:
C:\WINDOWS\system32\shfolder.dll 0x76730000 Library C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll 0x5E0D0000 Library C:\Programme\Kodak\AiO\Center\Logger.dll 0x10000000 Library C:\WINDOWS\system32\WINMM.dll 0x76AF0000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\8ba0620535aa28d509b9397500b7d530\System.Drawing.ni.dll 0x7B1A0000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\de3e6b59e3949f8086973d53518a9ecb\System.Windows.Forms.ni.dll 0x7B350000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\25656dffe9a855c247bb288f2d204d9f\Inkjet.Localization.ni.dll 0x04C80000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\32b515633fcbcc6dad09b9dd09f2fc2f\System.Runtime.Remoting.ni.dll 0x66380000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\83d36c5c44a800ec1880ea8a9b7bd7db\Inkjet.Statistics.ni.dll 0x04E20000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\463e4575df85e896c197618b4c073def\Inkjet.Hardware.ni.dll 0x04E50000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\d4eee885eacc8998377fbdd51c5609a0\Inkjet.DeviceSettings.ni.dll 0x05030000 Library C:\WINDOWS\system32\msv1_0.dll 0x77C40000 Library C:\WINDOWS\system32\cryptdll.dll 0x76740000 Library C:\WINDOWS\system32\USERENV.dll 0x76620000 Library C:\WINDOWS\system32\appHelp.dll 0x77B10000 Library C:\WINDOWS\System32\cscui.dll 0x779F0000 Library C:\WINDOWS\System32\CSCDLL.dll 0x765A0000 Library C:\WINDOWS\system32\SETUPAPI.dll 0x778F0000 Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\9fe9ee3a09926aa88b59f266ddcc192f\Interop.EKAiO2SDKLib.ni.dll 0x05730000 Library C:\WINDOWS\system32\msi.dll 0x3FDE0000 Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation SIGNED)(2009-05-13 19:29:30) 1664 Library C:\WINDOWS\System32\svchost.exe 0x01000000 Library 
C:\WINDOWS\system32\ntdll.dll 0x7C910000 Library C:\WINDOWS\system32\kernel32.dll 0x7C800000 Library C:\WINDOWS\system32\ADVAPI32.dll 0x77DA0000 Library C:\WINDOWS\system32\RPCRT4.dll 0x77E50000 Library C:\WINDOWS\system32\Secur32.dll 0x77FC0000 Library C:\WINDOWS\System32\ShimEng.dll 0x5CF00000 Library C:\WINDOWS\AppPatch\AcGenral.DLL 0x6FD90000 Library C:\WINDOWS\system32\USER32.dll 0x7E360000 Library C:\WINDOWS\system32\GDI32.dll 0x77EF0000 Library C:\WINDOWS\System32\WINMM.dll 0x76AF0000 Library C:\WINDOWS\system32\ole32.dll 0x774B0000 Library C:\WINDOWS\system32\msvcrt.dll 0x77BE0000 Library C:\WINDOWS\system32\OLEAUT32.dll 0x770F0000 Library C:\WINDOWS\System32\MSACM32.dll 0x77BB0000 Library C:\WINDOWS\system32\VERSION.dll 0x77BD0000 Library C:\WINDOWS\system32\SHELL32.dll 0x7E670000 Library C:\WINDOWS\system32\SHLWAPI.dll 0x77F40000 Library C:\WINDOWS\system32\USERENV.dll 0x76620000 Library C:\WINDOWS\System32\UxTheme.dll 0x5B0F0000 Library C:\WINDOWS\system32\IMM32.DLL 0x76330000 Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll 0x773A0000 Library C:\WINDOWS\system32\comctl32.dll 0x5D450000 Library C:\WINDOWS\System32\NTMARTA.DLL 0x77660000 Library C:\WINDOWS\System32\SAMLIB.dll 0x71B70000 Library C:\WINDOWS\system32\WLDAP32.dll 0x76F20000 Library C:\WINDOWS\System32\xpsp2res.dll 0x00630000 Library c:\windows\system32\shsvcs.dll 0x776B0000 Library C:\WINDOWS\System32\WINSTA.dll 0x76300000 Library C:\WINDOWS\System32\NETAPI32.dll 0x597D0000 Library C:\WINDOWS\System32\rsaenh.dll 0x68000000 Library c:\windows\system32\dhcpcsvc.dll 0x7D4C0000 Library c:\windows\system32\DNSAPI.dll 0x76EE0000 Library c:\windows\system32\WS2_32.dll 0x71A10000 Library c:\windows\system32\WS2HELP.dll 0x71A00000 Library c:\windows\system32\iphlpapi.dll 0x76D20000 Library c:\windows\system32\wzcsvc.dll 0x7DB20000 Library c:\windows\system32\rtutils.dll 0x76E40000 Library c:\windows\system32\WMI.dll 0x76CF0000 
Library c:\windows\system32\CRYPT32.dll 0x77A50000 Library c:\windows\system32\MSASN1.dll 0x77AF0000 Library c:\windows\system32\EapolQec.dll 0x745C0000 Library c:\windows\system32\ATL.DLL 0x76AD0000 Library c:\windows\system32\QUtil.dll 0x61900000 Library c:\windows\system32\MSVCP60.dll 0x76020000 Library c:\windows\system32\dot3api.dll 0x5F8F0000 Library c:\windows\system32\WTSAPI32.dll 0x76F10000 Library c:\windows\system32\ESENT.dll 0x5E200000 Library C:\WINDOWS\System32\CLBCATQ.DLL 0x76F90000 Library C:\WINDOWS\System32\COMRes.dll 0x77010000 Library C:\WINDOWS\System32\rastls.dll 0x7D4F0000 Library C:\WINDOWS\System32\CRYPTUI.dll 0x76880000 Library C:\WINDOWS\system32\WININET.dll 0x408B0000 Library C:\WINDOWS\system32\Normaliz.dll 0x00E90000 Library C:\WINDOWS\system32\urlmon.dll 0x452E0000 Library C:\WINDOWS\system32\iertutil.dll 0x40F50000 Library C:\WINDOWS\System32\WINTRUST.dll 0x76BF0000 Library C:\WINDOWS\system32\IMAGEHLP.dll 0x76C50000 Library C:\WINDOWS\System32\MPRAPI.dll 0x76D00000 Library C:\WINDOWS\System32\ACTIVEDS.dll 0x77C90000 Library C:\WINDOWS\System32\adsldpc.dll 0x76DD0000 Library C:\WINDOWS\System32\SETUPAPI.dll 0x778F0000 Library C:\WINDOWS\System32\RASAPI32.dll 0x76EA0000 Library C:\WINDOWS\System32\rasman.dll 0x76E50000 Library C:\WINDOWS\System32\TAPI32.dll 0x76E70000 Library C:\WINDOWS\System32\SCHANNEL.dll 0x767A0000 Library C:\WINDOWS\System32\WinSCard.dll 0x72360000 Library C:\WINDOWS\System32\PSAPI.DLL 0x76BB0000 Library C:\WINDOWS\System32\raschap.dll 0x76CA0000 Library C:\WINDOWS\system32\msv1_0.dll 0x77C40000 Library C:\WINDOWS\System32\cryptdll.dll 0x76740000 Library C:\WINDOWS\System32\WZCSAPI.DLL 0x72FA0000 Library c:\windows\system32\schedsvc.dll 0x76B20000 Library c:\windows\system32\NTDSAPI.dll 0x76750000 Library C:\WINDOWS\System32\MSIDLE.DLL 0x74ED0000 Library c:\windows\system32\audiosrv.dll 0x70DC0000 Library c:\windows\system32\wkssvc.dll 0x76E00000 Library c:\windows\system32\cryptsvc.dll 0x76CD0000 Library 
c:\windows\system32\certcli.dll 0x752D0000 Library c:\windows\system32\ersvc.dll 0x74F00000 Library c:\windows\system32\es.dll 0x776E0000 Library c:\windows\pchealth\helpctr\binaries\pchsvc.dll 0x74EC0000 Library c:\windows\system32\hidserv.dll 0x68D80000 Library c:\windows\system32\HID.DLL 0x68D90000 Library c:\windows\system32\srvsvc.dll 0x75010000 Library c:\windows\system32\netman.dll 0x77CD0000 Library c:\windows\system32\netshell.dll 0x763A0000 Library c:\windows\system32\credui.dll 0x76BC0000 Library c:\windows\system32\dot3dlg.dll 0x71260000 Library c:\windows\system32\OneX.DLL 0x72760000 Library c:\windows\system32\eappcfg.dll 0x6DB40000 Library c:\windows\system32\eappprxy.dll 0x47700000 Library c:\windows\system32\seclogon.dll 0x73C90000 Library c:\windows\system32\sens.dll 0x72260000 Library C:\WINDOWS\System32\SXS.DLL 0x76970000 Library c:\windows\system32\srsvc.dll 0x75120000 Library c:\windows\system32\POWRPROF.dll 0x74A50000 Library c:\windows\system32\trkwks.dll 0x74FF0000 Library c:\windows\system32\w32time.dll 0x76770000 Library c:\windows\system32\wbem\wmisvc.dll 0x4F110000 Library C:\WINDOWS\system32\VSSAPI.DLL 0x75360000 Library c:\windows\system32\wuauserv.dll 0x50000000 Library C:\WINDOWS\system32\wuaueng.dll 0x50040000 Library C:\WINDOWS\System32\WINSPOOL.DRV 0x72F70000 Library C:\WINDOWS\System32\WINHTTP.dll 0x4D5C0000 Library C:\WINDOWS\System32\Cabinet.dll 0x750D0000 Library C:\WINDOWS\System32\mspatcha.dll 0x604A0000 Library C:\WINDOWS\system32\mswsock.dll 0x719B0000 Library C:\WINDOWS\System32\hnetcfg.dll 0x66710000 Library c:\windows\system32\ipnathlp.dll 0x668D0000 Library c:\windows\system32\AUTHZ.dll 0x77690000 Library C:\WINDOWS\System32\wshtcpip.dll 0x719F0000 Library c:\windows\system32\wscsvc.dll 0x4C170000 Library c:\windows\system32\msi.dll 0x3FDE0000 Library C:\WINDOWS\system32\wbem\wbemcomn.dll 0x75210000 Library C:\WINDOWS\System32\sfc.dll 0x76B60000 Library C:\WINDOWS\System32\sfc_os.dll 0x76C20000 Library 
C:\WINDOWS\system32\wbem\wbemcore.dll 0x76260000 Library C:\WINDOWS\system32\wbem\esscli.dll 0x75290000 Library C:\WINDOWS\system32\wbem\FastProx.dll 0x75620000 Library C:\WINDOWS\system32\wbem\wbemsvc.dll 0x74E50000 Library C:\WINDOWS\system32\wbem\wmiutils.dll 0x74FA0000 Library C:\WINDOWS\system32\Apphelp.dll 0x77B10000 Library C:\WINDOWS\system32\wbem\repdrvfs.dll 0x75180000 Library C:\WINDOWS\system32\comsvcs.dll 0x76090000 Library C:\WINDOWS\system32\colbact.DLL 0x750B0000 Library C:\WINDOWS\system32\MTXCLU.DLL 0x75070000 Library C:\WINDOWS\system32\WSOCK32.dll 0x71A30000 Library C:\WINDOWS\System32\CLUSAPI.DLL 0x76D60000 Library C:\WINDOWS\System32\RESUTILS.DLL 0x75030000 Library C:\WINDOWS\system32\wbem\wmiprvsd.dll 0x42160000 Library C:\WINDOWS\system32\NCObjAPI.DLL 0x5FB60000 Library C:\WINDOWS\system32\wbem\wbemess.dll 0x75310000 Library C:\WINDOWS\system32\wbem\ncprov.dll 0x5FB30000 Library C:\WINDOWS\system32\wups2.dll 0x50F00000 Library C:\WINDOWS\system32\upnp.dll 0x76DA0000 Library C:\WINDOWS\system32\SSDPAPI.dll 0x74E80000 Library C:\WINDOWS\system32\netcfgx.dll 0x75580000 Library C:\WINDOWS\System32\rasmans.dll 0x7DEE0000 Library C:\WINDOWS\System32\WINIPSEC.DLL 0x742E0000 Library C:\WINDOWS\System32\rasadhlp.dll 0x76F80000 Library c:\windows\system32\tapisrv.dll 0x73350000 Library C:\WINDOWS\System32\rastapi.dll 0x75490000 Library C:\WINDOWS\System32\unimdm.tsp 0x58030000 Library C:\WINDOWS\System32\uniplat.dll 0x71F90000 Library C:\WINDOWS\System32\kmddsp.tsp 0x580B0000 Library C:\WINDOWS\System32\ndptsp.tsp 0x58090000 Library C:\WINDOWS\System32\ipconf.tsp 0x580C0000 Library C:\WINDOWS\System32\h323.tsp 0x580E0000 Library C:\WINDOWS\System32\hidphone.tsp 0x580D0000 Library C:\WINDOWS\System32\rasppp.dll 0x721D0000 Library C:\WINDOWS\System32\ntlsapi.dll 0x72420000 Library C:\WINDOWS\system32\kerberos.dll 0x71C70000 Library C:\WINDOWS\System32\RASQEC.DLL 0x4DB70000 Library C:\WINDOWS\System32\RASDLG.dll 0x754D0000 Library 
C:\WINDOWS\system32\msxml3.dll 0x74900000 Library C:\WINDOWS\system32\qmgrprxy.dll 0x5E190000 Library C:\WINDOWS\System32\dssenh.dll 0x68100000 |
09.04.2013, 17:58 | #13 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start are deleted! .... Code:
|
09.04.2013, 17:59 | #14 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start are deleted! ..... Code:
|
09.04.2013, 18:00 | #15 |
| When trying to uninstall Wiso Steuer 2011, all programs in Start are deleted! .... Code:
0x7C910000 Library C:\WINDOWS\system32\kernel32.dll 0x7C800000 Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll 0x78130000 Library C:\WINDOWS\system32\msvcrt.dll 0x77BE0000 Library C:\WINDOWS\system32\WS2_32.dll 0x71A10000 Library C:\WINDOWS\system32\ADVAPI32.dll 0x77DA0000 Library C:\WINDOWS\system32\RPCRT4.dll 0x77E50000 Library C:\WINDOWS\system32\Secur32.dll 0x77FC0000 Library C:\WINDOWS\system32\WS2HELP.dll 0x71A00000 Library C:\WINDOWS\system32\MPR.dll 0x71A80000 Library C:\WINDOWS\system32\USER32.dll 0x7E360000 Library C:\WINDOWS\system32\GDI32.dll 0x77EF0000 Library C:\Programme\Firebird\Firebird_2_5\bin\icuuc30.dll 0x4A800000 Library C:\Programme\Firebird\Firebird_2_5\bin\icudt30.dll 0x4AD00000 Library C:\WINDOWS\system32\SHELL32.dll 0x7E670000 Library C:\WINDOWS\system32\SHLWAPI.dll 0x77F40000 Library C:\WINDOWS\system32\ole32.dll 0x774B0000 Library C:\WINDOWS\system32\COMCTL32.dll 0x5D450000 Library C:\WINDOWS\system32\IMM32.DLL 0x76330000 Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll 0x773A0000 Library C:\WINDOWS\system32\NTMARTA.DLL 0x77660000 Library C:\WINDOWS\system32\SAMLIB.dll 0x71B70000 Library C:\WINDOWS\system32\WLDAP32.dll 0x76F20000 Library C:\WINDOWS\System32\mswsock.dll 0x719B0000 Library C:\WINDOWS\system32\DNSAPI.dll 0x76EE0000 Library C:\WINDOWS\system32\iphlpapi.dll 0x76D20000 Library C:\WINDOWS\System32\winrnr.dll 0x76F70000 Library C:\WINDOWS\system32\rasadhlp.dll 0x76F80000 Library C:\WINDOWS\system32\hnetcfg.dll 0x66710000 Library C:\WINDOWS\System32\wshtcpip.dll 0x719F0000 |