Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv

Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv


Log-Analyse und Auswertung: Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 07.12.2015, 18:35   #1
robertjana
 
Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv - Standard

und nun - der letzte Teil


Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-12-07 17:54:53
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9500420AS rev.0003LVM1 465,76GB
Running: yfux8l27.exe; Driver: C:\Users\LAPTOP~1\AppData\Local\Temp\kxliypow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                  0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                   0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17            0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                   0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17            0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                  0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                       0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                  0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                     0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                  0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20            0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[1808] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31            0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\KERNEL32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe[2464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                              0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                              0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                              0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                 0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                          0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                 0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                          0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                     0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                              0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                   0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                              0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                          0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\maxdome\DCBin\DCService.exe[3208] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                          0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17          0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17            0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17          0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42          0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17             0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17      0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17             0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17      0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17            0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                 0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17          0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17            0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17               0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17            0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17          0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20      0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31      0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                  0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                   0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17            0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                   0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17            0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                  0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                       0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                  0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                     0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                  0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20            0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe[3580] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31            0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                        0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                          0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                        0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                        0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                           0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                    0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                           0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                    0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                          0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                               0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                        0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                          0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                             0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                          0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                        0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                    0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                    0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExW + 17                0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!EnumProcessModules + 17                  0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 17                0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 42                0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!EnumDeviceDrivers + 17                   0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameA + 17            0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSetEx + 17                   0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameW + 17            0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameW + 17                  0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!EnumProcesses + 17                       0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetProcessMemoryInfo + 17                0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetPerformanceInfo + 17                  0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSet + 17                     0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameA + 17                  0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExA + 17                0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 20            0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe[5508] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 31            0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                  0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                   0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17            0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                   0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17            0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                  0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                       0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                  0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                     0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                  0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20            0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Jana\AppData\Local\Amazon Music\Amazon Music Helper.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31            0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE[5228] C:\Windows\system32\kernel32.dll!SetUnhandledExceptionFilter + 1                  00000000770a90a1 11 bytes {MOV EAX, 0xffffffffe8d86e48; INC BYTE [RDI]; ADD [RAX], AL; JMP RAX}
.text  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE[5228] C:\Windows\system32\ole32.dll!OleLoadFromStream                                   000007fefd717790 5 bytes JMP 000007fffd4a00d8
.text  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE[5228] C:\Windows\system32\OLEAUT32.dll!VariantClear                                     000007fefe101180 5 bytes JMP 000007fffd4a01b8
.text  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE[5228] C:\Windows\system32\OLEAUT32.dll!SysFreeString                                    000007fefe101320 7 bytes JMP 000007fffd4a0148
.text  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE[5228] C:\Windows\system32\OLEAUT32.dll!SysAllocStringByteLen                            000007fefe104470 6 bytes JMP 000007fffd4a0110
.text  C:\Program Files\Microsoft Office\Office14\GROOVE.EXE[5228] C:\Windows\system32\OLEAUT32.dll!VariantChangeType                                000007fefe106720 10 bytes JMP 000007fffd4a0180
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                     0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                       0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                     0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                     0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                        0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                 0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                        0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                 0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                       0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                            0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                     0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                       0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                          0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                       0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                     0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                 0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5680] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                 0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17          0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17            0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17          0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42          0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17             0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17      0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17             0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17      0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17            0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                 0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17          0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17            0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17               0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17            0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17          0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20      0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe[5856] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31      0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                  0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                   0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                            0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                   0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                            0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                  0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                       0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                  0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                     0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                  0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                            0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\RunDll32.exe[6244] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                            0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                 0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                   0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                 0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                 0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                    0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17             0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                    0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17             0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                   0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                        0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                 0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                   0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                      0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                   0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                 0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20             0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[7184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31             0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                          0000000076b71401 2 bytes JMP 76d0b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                            0000000076b71419 2 bytes JMP 76d0b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                          0000000076b71431 2 bytes JMP 76d88fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                          0000000076b7144a 2 bytes CALL 76ce489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                           * 9
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                             0000000076b714dd 2 bytes JMP 76d888c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                      0000000076b714f5 2 bytes JMP 76d88aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                             0000000076b7150d 2 bytes JMP 76d887ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                      0000000076b71525 2 bytes JMP 76d88b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                            0000000076b7153d 2 bytes JMP 76cffca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                 0000000076b71555 2 bytes JMP 76d068ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                          0000000076b7156d 2 bytes JMP 76d89089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                            0000000076b71585 2 bytes JMP 76d88bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                               0000000076b7159d 2 bytes JMP 76d8877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                            0000000076b715b5 2 bytes JMP 76cffd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                          0000000076b715cd 2 bytes JMP 76d0b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                      0000000076b716b2 2 bytes JMP 76d88f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe[9284] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                      0000000076b716bd 2 bytes JMP 76d88713 C:\Windows\syswow64\kernel32.dll

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8                                                                   
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@001653436008                                                      0x59 0x53 0x18 0x7B ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@50a4c815a0c2                                                      0x87 0xF3 0x7E 0x77 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@5cb524c56c6a                                                      0x07 0xA1 0x8D 0xEA ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@001ddf696850                                                      0x1E 0xB1 0x1B 0x3D ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@3894965a10fd                                                      0x1F 0x11 0x9E 0x20 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8 (not active ControlSet)                                               
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@001653436008                                                          0x59 0x53 0x18 0x7B ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@50a4c815a0c2                                                          0x87 0xF3 0x7E 0x77 ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@5cb524c56c6a                                                          0x07 0xA1 0x8D 0xEA ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@001ddf696850                                                          0x1E 0xB1 0x1B 0x3D ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78e7e8e8@3894965a10fd                                                          0x1F 0x11 0x9E 0x20 ...

---- EOF - GMER 2.1 ----

Antwort

Themen zu Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv
antivirus, aufsetzen, auftrag, computer, dateien, dateiverschlüsselung, firefox, howto_restore_files.txt, infiziert, installation, internet, logfile, malware, microsoft, mozilla, netzwerk, private key, programm, public key, windows


« Avast: Win32:evo-gen [susp] | Avast Pop-up bei Schoener-Fernsehen | Infektion URL:Mal | http://sda.vidcore.tv/crossdomain.xml »


Ähnliche Themen: Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv


  1. Dateien verschlüsselt Virus, Datenrettung?
    Plagegeister aller Art und deren Bekämpfung - 27.11.2015 (5)
  2. Virus verschlüsselt Dateien
    Plagegeister aller Art und deren Bekämpfung - 02.11.2015 (1)
  3. ROTO Virus verschlüsselt alle Dateien
    Plagegeister aller Art und deren Bekämpfung - 30.06.2015 (3)
  4. CBT Virus Dateiendung: .mghobdi Alle Bilder und Texdokumente verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 04.01.2015 (1)
  5. Alle Dateien durch Howdecrypt Virus verschlüsselt - Entschlüsselungsversuche bisher erfolglos!
    Plagegeister aller Art und deren Bekämpfung - 08.03.2014 (26)
  6. Wichtige Dateien durch Virus verschlüsselt "Read to Decrypt!"
    Plagegeister aller Art und deren Bekämpfung - 09.07.2013 (9)
  7. Dateien nach Virus verschlüsselt?
    Plagegeister aller Art und deren Bekämpfung - 27.05.2013 (12)
  8. Trojaner verschlüsselt Dateien, mit z.B. xyzsdfjs ohne Dateiendung
    Log-Analyse und Auswertung - 23.02.2013 (3)
  9. ICQ speichert Datei als Attachment auf mail.ru
    Diskussionsforum - 09.02.2013 (10)
  10. Virus hat Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (1)
  11. verschlüsselte Dateien nach einer Infizierung im Format txsgQTfUGpaqLVXg ohne Dateiendung
    Plagegeister aller Art und deren Bekämpfung - 19.12.2012 (3)
  12. Dateien aller Art sind komplett verschlüsselt ohne irgend eine Dateiendung..
    Plagegeister aller Art und deren Bekämpfung - 16.07.2012 (1)
  13. Trojaner, Daten verschlüsselt ohne Dateiendung, 200€, Aus Emailanhang?
    Plagegeister aller Art und deren Bekämpfung - 26.06.2012 (1)
  14. Windows Update Virus, Nach Beseitigung bleiben eigene Dateien und Fotos verschlüsselt!
    Log-Analyse und Auswertung - 24.05.2012 (1)
  15. In der 'Datei t2_ad_ajax[1].htm' wurde der Virus 'HTML/Infected.WebPage.Gen' entdeckt
    Plagegeister aller Art und deren Bekämpfung - 06.03.2010 (1)
  16. Bilder / Dateien haben .Cyrpted Dateiendung und lassen sich nicht mehr öffnen.
    Plagegeister aller Art und deren Bekämpfung - 16.02.2010 (10)
  17. "Ziel speichern unter" speichert statt wmv datei nur ein html Dokument
    Alles rund um Windows - 26.12.2009 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv - Code: Alles auswählen Aufklappen ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-12-07 17:54:53 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9500420AS rev.0003LVM1 465,76GB Running: yfux8l27.exe; Driver: C:\Users\LAPTOP~1\AppData\Local\Temp\kxliypow.sys ---- - Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv...
Archiv
Du betrachtest: Virus verschlüsselt Dateien - speichert Datei Howto_RESTORE_FILES.txt html Dateiendung .vvv auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55