Log analysis and evaluation: HiJackfile log, browser opens wrong web pages
24.03.2010, 14:48 | #1 |
I'm asking for help: Mozilla and IE open the wrong web pages; only on the second click does the correct page open. Malwarebytes found no result. Many thanks in advance for any tip!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:44:12, on 24.03.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
24.03.2010, 20:26 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hello and
Please post the complete Malwarebytes log file anyway. Also create logs with RSIT and GMER and post those as well.
25.03.2010, 10:54 | #3 |
Hello, and many thanks already for looking into this!
Attached are the log files from Malwarebytes, RSIT and GMER. I had to abort the last of these analyses because it had already rebooted the computer twice without recording a result. Maybe that is already a hint...
Thanks again!!!
Thomas

Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3907
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24.03.2010 11:29:45
mbam-log-2010-03-24 (11-29-45).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 263612
Laufzeit: 45 minute(s), 40 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

________________________________RSIT_____________________________

Logfile of random's system information tool 1.06 (written by random/random)
Run by Thomas Calliebe at 2010-03-25 09:46:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 202 GB (85%) free of 238 GB
Total RAM: 1918 MB (68% free)
Users\Anwendungsdaten\Sun 2010-03-12 12:06:56 ----D---- C:\Programme\Gemeinsame Dateien\Java 2010-03-12 12:06:47 ----A---- C:\WINDOWS\system32\javaws.exe 2010-03-12 12:06:47 ----A---- C:\WINDOWS\system32\javaw.exe 2010-03-12 12:06:47 ----A---- C:\WINDOWS\system32\java.exe 2010-03-11 16:40:54 ----A---- C:\WINDOWS\DINFO.INI 2010-03-11 15:28:36 ----D---- C:\Dokumente und Einstellungen\Thomas Calliebe\Anwendungsdaten\klickTel 2010-03-11 12:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-03-09 11:32:35 ----D---- C:\Programme\Maximized Software ======List of files/folders modified in the last 1 months====== 2010-03-25 09:43:04 ----D---- C:\WINDOWS\Temp 2010-03-25 09:42:43 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab 2010-03-25 09:41:14 ----D---- C:\LIBRI 2010-03-25 09:40:30 ----D---- C:\WINDOWS\Minidump 2010-03-25 09:40:30 ----D---- C:\WINDOWS 2010-03-24 16:04:46 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-24 12:21:38 ----RD---- C:\Programme 2010-03-24 12:05:39 ----SHD---- C:\WINDOWS\Installer 2010-03-24 11:53:20 ----D---- C:\WINDOWS\system32\drivers 2010-03-24 11:51:34 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-24 11:46:22 ----A---- C:\WINDOWS\system.ini 2010-03-24 11:42:43 ----D---- C:\WINDOWS\system32\config 2010-03-24 11:42:09 ----D---- C:\WINDOWS\system32 2010-03-24 11:42:08 ----D---- C:\Programme\Internet Explorer 2010-03-24 11:41:16 ----D---- C:\WINDOWS\AppPatch 2010-03-24 11:41:12 ----D---- C:\Programme\Gemeinsame Dateien 2010-03-24 11:36:40 ----D---- C:\WINDOWS\Prefetch 2010-03-24 11:33:04 ----D---- C:\WINDOWS\Debug 2010-03-24 10:16:52 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-03-24 10:02:54 ----SD---- C:\WINDOWS\Tasks 2010-03-24 09:45:07 ----D---- C:\Dokumente und Einstellungen\Thomas Calliebe\Anwendungsdaten\Mozilla 2010-03-17 09:38:20 ----D---- C:\Programme\Profi cash 2010-03-17 09:38:20 ----A---- C:\WINDOWS\win.ini 2010-03-12 12:11:18 ----RSD---- C:\WINDOWS\assembly 2010-03-12 12:10:28 ----RSD---- 
C:\WINDOWS\Fonts 2010-03-12 12:10:13 ----D---- C:\Programme\OpenOffice.org 3 2010-03-12 12:06:34 ----A---- C:\WINDOWS\system32\deploytk.dll 2010-03-11 12:50:06 ----HD---- C:\WINDOWS\inf 2010-03-11 12:50:04 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-03-11 12:50:04 ----D---- C:\Programme\Movie Maker 2010-03-11 12:49:47 ----HD---- C:\WINDOWS\$hf_mig$ 2010-03-08 15:16:32 ----RASH---- C:\boot.ini 2010-03-08 15:16:31 ----D---- C:\WINDOWS\pss 2010-03-06 12:36:26 ----A---- C:\WINDOWS\ODBC.INI 2010-03-01 21:30:14 ----A---- C:\WINDOWS\system32\MRT.exe 2010-02-27 10:46:38 ----D---- C:\Dokumente und Einstellungen ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-11-26 36776] R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-11-26 38440] R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys [] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-11-17 315408] R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-05-29 39264] R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295] R3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2006-01-18 53248] R3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2006-01-19 11904] R3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-02-03 22560] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); 
C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-10 4449280] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472] R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808] R3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064] R3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-02-03 1507232] R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504] R3 LVUVC;Logitech QuickCam Fusion(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-02-03 1939360] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-25 6301344] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368] R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968] R3 SCR3XX2K;SCR3xx USB SmartCardReader; C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys [2007-04-25 53248] R3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152] R3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 USBSTOR;USB-Massenspeichertreiber; 
C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-11-26 118952] S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 Dot4;MS IEEE-1284.4-Treiber; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976] S3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] S3 dot4ufd;HP Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\hppaufd0.sys [2009-08-26 16800] S3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 STCFUx32;STC DFU Driver; C:\WINDOWS\system32\DRIVERS\STCFUx32.SYS [2007-01-24 7680] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usb_rndisx;USB-RNDIS-Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services 
(R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [2006-10-17 230944] R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 AVP;Kaspersky Internet Security; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456] R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 DatevPrintService;DATEV Druckservice; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [2008-11-24 77312] R2 Dcmanag;DATEV DFÜ-System Dienst; C:\DATEV\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe [2008-09-22 176128] R2 DVckService;DVckService; C:\DATEV\PROGRAMM\B0000150\ScServer\DVckService.exe [2009-11-09 1576960] R2 IGDCTRL;AVM IGD CTRL Service; C:\Programme\FRITZ!DSL\IGDCTRL.EXE [2007-09-04 87344] R2 InCDsrv;InCD Helper; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-03-12 153376] R2 LVPrcSrv;Process Monitor; c:\programme\gemeinsame dateien\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344] R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 MSSQL$DATEV_CL_DE01;SQL Server (DATEV_CL_DE01); C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29278056] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-25 163908] R2 SCardService;DATEV SmartCard Service; C:\DATEV\PROGRAMM\B0000347\ScMgmt\SCardService.exe [2009-09-17 239200] R2 SQLBrowser;SQL Server-Browser; C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968] R2 SQLWriter;SQL Server VSS Writer; C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [2009-05-27 86872] R2 UxTuneUp;TuneUp Designerweiterung; 
C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2010-01-22 545576] S2 gupdate1c9f18bc452d6e2;Google Update Service (gupdate1c9f18bc452d6e2); C:\Programme\Google\Update\GoogleUpdate.exe [2009-06-20 133104] S2 LVSrvLauncher;LVSrvLauncher; C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 DATEV Update-Service;DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [2009-08-26 146016] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-07 182768] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 NBService;NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040] S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-10-22 65536] S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-02-10 361216] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 
920576] S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- _____________________________GMER_______________________________ GMER 1.0.15.15281 - hxxp://www.gmer.net Rootkit scan 2010-03-25 10:21:01 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\DOKUME~1\THOMAS~1\LOKALE~1\Temp\fxtdapog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB614758C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB6147E0C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB6148922] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB6148E94] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xB61480EE] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xB6146436] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB6148D6C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xB6147192] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB6148C28] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB614734E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB6148FC6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif 
Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB614AC08] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB6147AAA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB6148CCA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB614A5FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB61469FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB6146D88] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB6148576] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB614B5CA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB6146ECA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB6146F74] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xB6148382] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB614A68C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB6146412] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB6146424] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB614ACBC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB61470C0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent 
[0xB6148F36] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xB6147E8E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xB61465DC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xB6148E04] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB6147792] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB614AC32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB6149068] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB61476B6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB614701E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB6146C46] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xB614AFD4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xB6146896] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB614A922] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB6146B0E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB61462B0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB61493F2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB61492B8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky 
Lab) ZwRequestWaitReplyPort [0xB614A39A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB614DE2C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB614B4AC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB6146248] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB614865C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB6147CC8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB6149C4A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xB614A786] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB614B114] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB614671E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB614B1F8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB614B320] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB614A526] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xB614790A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB6147860] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB614AE8A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB61479EA] Code 
\SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP B613C4DC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) .text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP B613C8B6 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) .text ntkrnlpa.exe!ZwCallbackReturn + 2C98 80504534 16 Bytes [4E, 73, 14, B6, C6, 8F, 14, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2D54 805045F0 12 Bytes [8C, A6, 14, B6, 12, 64, 14, ...] {MOV WORD [ESI+0x6412b614], FS; ADC AL, 0xb6; AND AL, 0x64; ADC AL, 0xb6} .text ntkrnlpa.exe!ZwCallbackReturn + 2ED0 8050476C 16 Bytes [0E, 6B, 14, B6, B0, 62, 14, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2FC4 80504860 12 Bytes [F8, B1, 14, B6, 20, B3, 14, ...] {CLC ; MOV CL, 0x14; MOV DH, 0x20; MOV BL, 0x14; MOV DH, 0x26; MOVSD ; ADC AL, 0xb6} .text ntkrnlpa.exe!ZwCallbackReturn + 3024 805048C0 4 Bytes JMP F4B61479 .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8DC3360, 0x35363F, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- ? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[236] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; ? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[236] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[236] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 33, 6D] ? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[848] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; ? 
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[848] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[848] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 33, 6D] .text C:\Programme\Mozilla Firefox\firefox.exe[1076] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 004013F0 C:\Programme\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) .text C:\Programme\Mozilla Firefox\firefox.exe[1076] WS2_32.dll!select 71A130A8 5 Bytes JMP 040A0010 .text C:\Programme\Mozilla Firefox\firefox.exe[1076] WS2_32.dll!closesocket 71A13E2B 5 Bytes JMP 03710010 .text C:\Programme\Mozilla Firefox\firefox.exe[1076] WS2_32.dll!connect 71A14A07 5 Bytes JMP 04AA0010 .text C:\Programme\Mozilla Firefox\firefox.exe[1076] WS2_32.dll!send 71A14C27 5 Bytes JMP 04A80010 .text C:\Programme\Mozilla Firefox\firefox.exe[1076] WS2_32.dll!recv 71A1676F 5 Bytes JMP 040B0010 .text C:\LIBRI\libri.exe[1080] kernel32.dll!CreateThread + 1A 7C8106F1 4 Bytes CALL 0044F6F1 C:\LIBRI\libri.exe (Das professionelle Handwerkszeug für den Buchhandel/Hahnkamp KG) ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [B5C06820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [B5C06820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) |
25.03.2010, 11:34 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | HiJackfile log: browser opens wrong websites Quote:
__________________ Please always post log files in CODE tags |
25.03.2010, 11:48 | #5 |
| HiJackfile log: browser opens wrong websites
And here is the Combofix.log as well! Best regards, Thomas

ComboFix 10-03-23.03 - Thomas Calliebe 24.03.2010 11:37:58.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.1918.807 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\Thomas Calliebe\Eigene Dateien\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programme\Internet Explorer\SET55.tmp
c:\programme\Internet Explorer\SET59.tmp
c:\programme\Internet Explorer\SET5A.tmp
c:\programme\Internet Explorer\SET83.tmp
c:\programme\Internet Explorer\SET87.tmp
c:\programme\Internet Explorer\SET88.tmp
c:\programme\Internet Explorer\SETB1.tmp
c:\programme\Internet Explorer\SETB5.tmp
c:\programme\Internet Explorer\SETB6.tmp
c:\recycler\S-1-5-21-1257340039-1523915668-2720055195-1004
c:\recycler\S-1-5-21-1900333563-2257141849-4042695414-1004
c:\recycler\S-1-5-21-2025429265-1383384898-682003330-1004
c:\windows\system32\encapi32.dll
c:\windows\system32\Temp
c:\windows\system32\Temp\KSKD87SFDS
F:\autorun.inf
.
((((((((((((((((((((((( Dateien erstellt von 2010-02-24 bis 2010-03-24 ))))))))))))))))))))))))))))))
.
2010-03-24 10:32 . 2010-03-24 10:32 -------- d-----w- c:\programme\CCleaner
2010-03-12 11:10 . 2010-03-12 11:10 -------- d-----w- c:\programme\JRE
2010-03-12 11:06 . 2010-03-12 11:06 -------- d-----w- c:\programme\Gemeinsame Dateien\Java
2010-03-11 14:28 . 2010-03-11 14:28 -------- d-----w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\klickTel
2010-03-09 10:37 .
2010-03-09 10:37 -------- d-----w- c:\dokumente und einstellungen\Thomas Calliebe\Lokale Einstellungen\Anwendungsdaten\Maximized Software 2010-03-09 10:32 . 2010-03-09 10:32 -------- d-----w- c:\programme\Maximized Software 2010-02-24 14:54 . 2010-02-24 14:54 -------- d-----w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\Media Player Classic . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-24 10:46 . 2009-10-26 10:19 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Kaspersky Lab 2010-03-24 10:44 . 2009-09-09 08:59 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs 2010-03-24 09:16 . 2009-11-28 09:58 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware 2010-03-23 13:49 . 2009-11-04 15:19 1 ----a-w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-03-17 08:38 . 2009-05-29 13:31 -------- d-----w- c:\programme\Profi cash 2010-03-13 10:26 . 2010-01-18 10:47 63752 ---ha-w- c:\windows\system32\mlfcache.dat 2010-03-13 09:21 . 2010-03-13 09:21 503808 ----a-w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4cb5903d-n\msvcp71.dll 2010-03-13 09:21 . 2010-03-13 09:21 499712 ----a-w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4cb5903d-n\jmc.dll 2010-03-13 09:21 . 2010-03-13 09:21 348160 ----a-w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4cb5903d-n\msvcr71.dll 2010-03-13 09:21 . 2010-03-13 09:21 61440 ----a-w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-5f73fff9-n\decora-sse.dll 2010-03-13 09:21 . 
2010-03-13 09:21 12800 ----a-w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-5f73fff9-n\decora-d3d.dll 2010-03-12 13:52 . 2009-06-29 15:47 65680 ----a-w- c:\dokumente und einstellungen\Thomas Calliebe\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2010-03-12 11:10 . 2009-11-04 15:17 -------- d-----w- c:\programme\OpenOffice.org 3 2010-03-12 11:06 . 2009-06-22 13:54 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-02-22 11:05 . 2009-05-30 07:27 -------- d-----w- c:\programme\Gemeinsame Dateien\Adobe 2010-02-18 15:55 . 2010-02-18 15:24 -------- d-----w- c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\HandBrake 2010-02-18 15:24 . 2010-02-18 15:24 -------- d-----w- c:\programme\Handbrake 2010-02-17 15:10 . 2009-09-19 10:22 -------- d-----w- c:\programme\DivX 2010-02-10 11:34 . 2009-07-28 12:42 -------- d-----w- c:\programme\TuneUp Utilities 2008 2010-02-10 11:28 . 2009-09-22 07:35 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2010-02-10 10:28 . 2008-04-14 12:00 519292 ----a-w- c:\windows\system32\perfh007.dat 2010-02-10 10:28 . 2008-04-14 12:00 109170 ----a-w- c:\windows\system32\perfc007.dat 2010-02-10 10:23 . 2009-06-18 13:19 -------- d-----w- c:\programme\Microsoft ActiveSync 2010-02-10 10:07 . 2009-09-21 07:22 -------- d-----w- c:\programme\Gemeinsame Dateien\Symantec Shared 2010-02-08 09:29 . 2010-02-08 09:28 -------- d-----w- c:\programme\iTunes 2010-02-08 09:28 . 2010-02-08 09:28 -------- d-----w- c:\programme\iPod 2010-02-08 09:28 . 2009-10-12 08:48 -------- d-----w- c:\programme\Gemeinsame Dateien\Apple 2010-02-08 08:48 . 2010-02-08 08:48 72488 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe 2010-02-02 09:24 . 2009-06-20 09:44 -------- d-----w- c:\programme\Google 2010-01-08 22:42 . 2010-01-08 22:42 3366912 ----a-w- c:\windows\system32\GPhotos.scr 2010-01-07 15:07 . 
2009-11-28 10:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 15:07 . 2009-11-28 09:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Microsoft Office Outlook"="c:\progra~1\MICROS~2\OFFICE11\OUTLOOK.EXE" [2003-07-14 196152] "Firefox"="c:\programme\Mozilla Firefox\firefox.exe" [2010-03-16 910296] "Das professionelle Handwerkszeug für den Buchhandel"="c:\libri\libri.exe" [2009-06-23 11017728] "swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-27 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TrueImageMonitor.exe"="c:\programme\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-18 1189920] "AcronisTimounterMonitor"="c:\programme\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-18 1962896] "Acronis Scheduler2 Service"="c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe" [2006-10-17 87584] "DVCCSAWTSSetEntryNTE"="c:\datev\PROGRAMM\B0000150\ScWTS\DVCCSAWTSSetEntryNTE.exe" [2009-10-07 544768] "DATEV_SCardMan"="c:\datev\PROGRAMM\B0000347\ScMgmt\ScardManager.exe" [2009-09-17 304736] "AVP"="c:\programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456] "SiPaHost"="c:\datev\PROGRAMM\B0000398\SiPaHost.exe" [2009-03-19 269824] "iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2010-01-22 141608] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-25 13680640] "Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] "TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2009-09-29 198160] "SunJavaUpdateSched"="c:\programme\Gemeinsame 
Dateien\Java\Java Update\jusched.exe" [2010-01-11 246504] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\ DFš-Manager.lnk - c:\datev\PROGRAMM\B0000000\DFUEMNGR\DfueMan.exe [2008-7-7 352316] SkyUserDevmode-Update.lnk - c:\datev\PROGRAMM\B0001401\UpdateDevmode.exe [2007-11-5 14336] Zahlungserinnerung.lnk - c:\programme\Profi cash\wzed.exe [2009-5-29 36864] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DVCCSA] 2009-10-07 13:10 114688 ------w- c:\windows\system32\DVCCSAnotify002.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-22 00:57 35760 ----a-w- c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-11-27 15:35 39408 ----a-w- c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup 2.5] 2004-10-29 22:40 245760 ----a-w- c:\programme\Hewlett-Packard\Toolbox\hpbpsttp.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "CTFMON.EXE"=c:\windows\system32\ctfmon.exe "swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" "NeroFilterCheck"=c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe "InCD"=c:\programme\Nero\Nero 7\InCD\InCD.exe "SecurDisc"=c:\programme\Nero\Nero 7\InCD\NBHGui.exe "NBKeyScan"="c:\programme\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" "TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot "SkyTel"=SkyTel.EXE "Ulead AutoDetector v2"=c:\programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe 
"SetDefPrt"=c:\programme\Brother\Brmfl04g\BrStDvPt.exe "LogitechCommunicationsManager"="c:\programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe" "ControlCenter2.0"=c:\programme\Brother\ControlCenter2\brctrcen.exe /autorun "LogitechQuickCamRibbon"="c:\programme\Logitech\QuickCam10\QuickCam10.exe" /hide "NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit "nwiz"=nwiz.exe /install "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup "RTHDCPL"=RTHDCPL.EXE "Alcmtr"=ALCMTR.EXE "QuickTime Task"="c:\programme\QuickTime\QTTask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\DATEV\\PROGRAMM\\SWS\\Limaservice.exe"= c:\\DATEV\\PROGRAMM\\SWS\\LimaService.exe "c:\\DATEV\\PROGRAMM\\B0000195\\ADDMAN\\DATEVAddMan.exe"= "c:\\DATEV\\PROGRAMM\\B0000000\\DFUEMNGR\\DcManag.exe"= "c:\\DATEV\\PROGRAMM\\B0000000\\DFUEMNGR\\DfueMan.exe"= "c:\datev\PROGRAMM\DFUEISDN\SecClt\SecClt.exe"= c:\datev\PROGRAMM\DFUEISDN\SecClt\SecClt.exe:10.0.0.0/255.0.0.0,172.16.0.0/255.240.0.0,192.168.0.0/255.255.0.0:Enabled:SecClt.exe "c:\datev\PROGRAMM\DFUEISDN\SSLClt\SSLClt.exe"= c:\datev\PROGRAMM\DFUEISDN\SSLClt\SSLClt.exe:10.0.0.0/255.0.0.0,172.16.0.0/255.240.0.0,192.168.0.0/255.255.0.0:Enabled:SSLClt.exe "c:\datev\PROGRAMM\DFUEWS\MNTBNA\mntbna.exe"= c:\datev\PROGRAMM\DFUEWS\MNTBNA\mntbna.exe:10.0.0.0/255.0.0.0,172.16.0.0/255.240.0.0,192.168.0.0/255.255.0.0:Enabled:mntbna.exe "c:\\DATEV\\PROGRAMM\\RZKOMM\\ccsrv2.exe"= "c:\\DATEV\\PROGRAMM\\RZKOMM\\callauferst.exe"= "c:\\DATEV\\PROGRAMM\\RZKOMM\\DfueSammlerDienst.exe"= "c:\\DATEV\\PROGRAMM\\RZKOMM\\funktest.exe"= 
"c:\\DATEV\\PROGRAMM\\RZKOMM\\funkt_fv.exe"= "c:\\DATEV\\PROGRAMM\\RZKOMM\\empftest.exe"= "c:\\LIBRI\\LCC32.EXE"= "c:\\Programme\\TeamViewer\\Version4\\TeamViewer.exe"= "c:\\whBOOK\\whAQHome.exe"= "c:\\Programme\\FRITZ!DSL\\IGDCTRL.EXE"= "c:\\Programme\\FRITZ!DSL\\FBOXUPD.EXE"= "c:\\Programme\\FRITZ!DSL\\WebwaIgd.exe"= "c:\\Programme\\Bonjour\\mDNSResponder.exe"= "c:\\DATEV\\PROGRAMM\\Install\\ExecDll\\ExecDllExe.exe"= "c:\\DATEV\\PROGRAMM\\Install\\Uninstal.exe"= "c:\\DATEV\\PROGRAMM\\SWS\\LimaServer.exe"= "c:\\DATEV\\PROGRAMM\\R0000135\\EOR.EXE"= c:\\DATEV\\PROGRAMM\\R0000135\\EOR "c:\\Programme\\iTunes\\iTunes.exe"= R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14.10.2009 21:18 36880] R2 DatevPrintService;DATEV Druckservice;c:\datev\PROGRAMM\B0001442\PSNTServ.exe [24.11.2008 02:00 77312] R2 Dcmanag;DATEV DFÜ-System Dienst;c:\datev\PROGRAMM\B0000000\DFUEMNGR\DcManag.exe [22.09.2008 07:47 176128] R2 IGDCTRL;AVM IGD CTRL Service;c:\programme\FRITZ!DSL\IGDCTRL.EXE [04.09.2007 09:14 87344] R2 MSSQL$DATEV_CL_DE01;SQL Server (DATEV_CL_DE01);c:\programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27.05.2009 03:29 29278056] R2 SCardService;DATEV SmartCard Service;c:\datev\PROGRAMM\B0000347\ScMgmt\SCardService.exe [17.09.2009 14:06 239200] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14.09.2009 14:42 32272] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02.10.2009 19:39 19472] R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [25.04.2007 03:39 53248] S2 DVckService;DVckService;c:\datev\PROGRAMM\B0000150\ScServer\DVckService.exe [09.11.2009 15:03 1576960] S2 gupdate1c9f18bc452d6e2;Google Update Service (gupdate1c9f18bc452d6e2);c:\programme\Google\Update\GoogleUpdate.exe [20.06.2009 10:44 133104] S3 DATEV Update-Service;DATEV Update-Service;c:\datev\PROGRAMM\Install\DvInesASDSvc.Exe [26.08.2009 02:43 146016] S3 STCFUx32;STC DFU 
Driver;c:\windows\system32\drivers\STCFUx32.sys [24.01.2007 01:01 7680] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhalt des "geplante Tasks" Ordners 2010-03-24 c:\windows\Tasks\1-Klick-Wartung.job - c:\programme\TuneUp Utilities 2008\OneClickStarter.exe [2009-07-28 16:22] 2009-10-12 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programme\Google\Update\GoogleUpdate.exe [2009-06-20 09:44] 2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programme\Google\Update\GoogleUpdate.exe [2009-06-20 09:44] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ig?t=0 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local;<local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki... 
- c:\programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Hinzufügen zu Anti-Banner - c:\programme\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm FF - ProfilePath - c:\dokumente und einstellungen\Thomas Calliebe\Anwendungsdaten\Mozilla\Firefox\Profiles\vebj54dp.default\ FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nppl3260.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nprjplug.dll FF - plugin: c:\program files\real\realplayer\Netscape6\nprpjplug.dll FF - plugin: c:\programme\Google\Picasa3\npPicasa3.dll FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX Richtlinien ---- c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\programme\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\programme\Mozilla Firefox\greprefs\all.js - 
pref("browser.formfill.agedWeight", 2); c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\programme\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\programme\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\programme\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "hxxp://www.firefox.com"); c:\programme\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); 
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2010-03-24 11:49 Windows 5.1.2600 Service Pack 3 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- - - - - - - - > 'winlogon.exe'(1132) c:\windows\SYSTEM32\NUKORDEU.DLL - - - - - - - > 'lsass.exe'(1188) c:\windows\system32\relog_ap.dll - - - - - - - > 'explorer.exe'(5428) c:\programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\programme\gemeinsame dateien\logishrd\lvmvfm\LVPrcSrv.exe c:\windows\System32\SCardSvr.exe c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\programme\Bonjour\mDNSResponder.exe c:\programme\Nero\Nero 7\InCD\InCDsrv.exe c:\programme\Java\jre6\bin\jqs.exe c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\programme\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\datev\PROGRAMM\DFUEISDN\sslclt\sslclt.exe c:\datev\PROGRAMM\RZKOMM\ccsrv2.exe c:\datev\PROGRAMM\B0000299\as\as.exe c:\datev\PROGRAMM\B0000299\as\as.exe c:\datev\PROGRAMM\B0000150\ScServer\DVcServ.exe c:\programme\iPod\bin\iPodService.exe c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\distnoted.exe c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\SyncServer.exe . ************************************************************************** . Zeit der Fertigstellung: 2010-03-24 11:53:06 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2010-03-24 10:53 Vor Suchlauf: 21 Verzeichnis(se), 211.749.875.712 Bytes frei Nach Suchlauf: 24 Verzeichnis(se), 211.728.318.464 Bytes frei - - End Of File - - 84FADE2E5A0B510D4E461CB67179D50C |
25.03.2010, 11:55 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | That looks good. Are the redirects still happening?
25.03.2010, 12:11 | #7 |
| Hello Arne, yes, the redirects are still happening. I googled something as a test. The search result I clicked was: www.aquarium-guide.de/ and where I ended up was: hxxp://www.martina-scales.de/ With the Süddeutsche Zeitung, too, on this PC I always land on a subscriber page first, and only on the actual homepage the second time I click the bookmark. Very mysterious, all of this... Best regards Thomas |
25.03.2010, 12:14 | #8 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
If the file has already been analyzed, please start another analysis.
__________________ Please always post log files in CODE tags |
25.03.2010, 12:23 | #9 |
| That too, apparently without a result - it is a file from DATEV:
Datei NUKORDEU.DLL empfangen 2010.03.25 11:17:34 (UTC)
Ergebnis: 0/42 (0%)
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.50 2010.03.25 -
AhnLab-V3 5.0.0.2 2010.03.25 -
AntiVir 7.10.5.211 2010.03.25 -
Antiy-AVL 2.0.3.7 2010.03.24 -
Authentium 5.2.0.5 2010.03.25 -
Avast 4.8.1351.0 2010.03.25 -
Avast5 5.0.332.0 2010.03.25 -
AVG 9.0.0.787 2010.03.25 -
BitDefender 7.2 2010.03.25 -
CAT-QuickHeal 10.00 2010.03.25 -
ClamAV 0.96.0.0-git 2010.03.25 -
Comodo 4379 2010.03.25 -
DrWeb 5.0.1.12222 2010.03.25 -
eSafe 7.0.17.0 2010.03.24 -
eTrust-Vet 35.2.7387 2010.03.25 -
F-Prot 4.5.1.85 2010.03.24 -
F-Secure 9.0.15370.0 2010.03.25 -
Fortinet 4.0.14.0 2010.03.24 -
GData 19 2010.03.25 -
Ikarus T3.1.1.80.0 2010.03.25 -
Jiangmin 13.0.900 2010.03.25 -
K7AntiVirus 7.10.1004 2010.03.22 -
Kaspersky 7.0.0.125 2010.03.25 -
McAfee 5930 2010.03.24 -
McAfee+Artemis 5930 2010.03.24 -
McAfee-GW-Edition 6.8.5 2010.03.25 -
Microsoft 1.5605 2010.03.25 -
NOD32 4973 2010.03.25 -
Norman 6.04.10 2010.03.25 -
nProtect 2009.1.8.0 2010.03.25 -
Panda 10.0.2.2 2010.03.24 -
PCTools 7.0.3.5 2010.03.25 -
Prevx 3.0 2010.03.25 -
Rising 22.40.03.04 2010.03.25 -
Sophos 4.52.0 2010.03.25 -
Sunbelt 6076 2010.03.25 -
Symantec 20091.2.0.41 2010.03.25 -
TheHacker 6.5.2.0.242 2010.03.24 -
TrendMicro 9.120.0.1004 2010.03.25 -
VBA32 3.12.12.2 2010.03.25 -
ViRobot 2010.3.25.2244 2010.03.25 -
VirusBuster 5.0.27.0 2010.03.24 -
weitere Informationen
File size: 485888 bytes
MD5...: 23bb17aaa096f816182d730c917e5980
SHA1..: 82f8722ccfa60a7448b042d28638c3e0f82a1fdb
SHA256: 0e78e5a0c40bc0316fc18a7d45054a9b9e231d1c6d55d2c40144676fc4ac5a39
ssdeep: 6144:waGa9+y9sYz5te8WtcqSd412WzYqVEJobCa:waztdmGd412WzYqVlH
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x0
timedatestamp.....: 0x4b054058 (Thu Nov 19 12:55:52 2009)
machinetype.......: 0x14c (I386)
( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
.rdata 0x1000 0x5a 0x200 1.26 82446da692ad114bd3277e2bd6c90ac1
.rsrc 0x2000 0x764d8 0x76600 5.12 f8534b62c6935b5af0cf284c81c80526
( 0 imports )
( 0 exports )
RDS...: NSRL Reference Data Set -
pdfid.: -
trid..: Generic Win/DOS Executable (49.9%) DOS Executable Generic (49.8%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: DATEV eG
copyright....: Copyright (c) 1998 - 2009 DATEV eG.
product......: Nutzungskontrolle
description..: Deutsche Resourcen
original name: NKRESDEU.DLL
internal name: NKRESDEU
file version.: 5.0.2.0
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned |
25.03.2010, 17:04 | #11 |
| Attached is the GMER log - this time it ran all the way through. I have to post the log in two parts, it is too long!
GMER 1.0.15.14966 - hxxp://www.gmer.net
Rootkit scan 2010-03-25 16:58:06
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB625E58C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB625EE0C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB625F922]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB625FE94]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xB625F0EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xB625D436]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB625FD6C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xB625E192]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB625FC28]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB625E34E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB625FFC6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB6261C08]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB625EAAA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB625FCCA]
SSDT
\SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB62615FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB625D9FA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB625DD88] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB625F576] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB62625CA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB625DECA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB625DF74] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xB625F382] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB626168C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB625D412] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB625D424] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB6261CBC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB625E0C0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xB625FF36] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xB625EE8E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xB625D5DC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) 
ZwOpenMutant [0xB625FE04] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB625E792] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB6261C32] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB6260068] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB625E6B6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB625E01E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB625DC46] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xB6261FD4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xB625D896] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB6261922] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB625DB0E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB625D2B0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB62603F2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB62602B8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xB626139A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB6264E2C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB62624AC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif 
Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB625D248] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB625F65C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB625ECC8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB6260C4A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xB6261786] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB6262114] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB625D71E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB62621F8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB6262320] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB6261526] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xB625E90A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB625E860] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB6261E8A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB625E9EA] Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 
804EAF84 5 Bytes JMP B62534DC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) .text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP B62538B6 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) .text ntkrnlpa.exe!ZwCallbackReturn + 2C98 80504534 16 Bytes [4E, E3, 25, B6, C6, FF, 25, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2D54 805045F0 12 Bytes [8C, 16, 26, B6, 12, D4, 25, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2ED0 8050476C 16 Bytes [0E, DB, 25, B6, B0, D2, 25, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2FC4 80504860 12 Bytes [F8, 21, 26, B6, 20, 23, 26, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2FD4 80504870 8 Bytes JMP 68B0FE9A .text ... ---- User code sections - GMER 1.0.15 ---- ? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; ? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 33, 6D] ? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; ? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [70, 11, 33, 6D] ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [B5CF5820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [B5CF5820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) |
25.03.2010, 17:04 | #12 |
| Part 2:
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00370240
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 003702B0
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00370320
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00370390
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00950860
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 009508D0
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00950940
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 009509B0
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00950A20
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00950A90
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 00370630
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 003706A0
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll
[KERNEL32.dll!VirtualFree] 00370710 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00370780 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 003707F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00950B00 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00950B70 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00950BE0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00370860 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00950C50 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00950CC0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00950D30 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00950DA0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00950E10 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 003709B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00370A20 IAT 
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00370A90 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 00370B00 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 00370B70 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00950E80 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00950EF0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00950F60 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 7C9E0550 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7C9E05C0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7C9E0630 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 00370BE0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 00370C50 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 7C9E06A0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 00370CC0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 
2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 7C9E0710 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 7C9E0780 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 7C9E07F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E0860 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7C9E08D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 7C9E0940 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7C9E09B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 7C9E0A20 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00370EF0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00370F60 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E0A90 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 7C9E0B00 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 7C9E0B70 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ 
C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7C9E0BE0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7C9E0C50 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 7C9E0CC0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7C9D0390 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7C9D0400 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 00960240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 009602B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00960320 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00960390 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00960400 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00960470 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 009604E0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00960550 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 7C9D0940 IAT 
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 7C9D09B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 7C9D0A20 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 7C9D0B00 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 009605C0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 7C9D0CC0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 7C9D0D30 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7C9D0EF0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00960710 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00960780 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 009607F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00960860 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 009608D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00960940 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet 
Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 009609B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7C9D0F60 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00960A20 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00960A90 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] 00960B00 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 00380010 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00960B70 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00960BE0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00960C50 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 00960CC0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00960D30 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00960DA0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] 00960E10 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ 
C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] 00960E80 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00960EF0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00380080 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 003800F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00960F60 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00970010 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00970080 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 009700F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00970160 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 009701D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00970240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 009702B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 00380390 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00970320 IAT 
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00970390 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00970400 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00380400 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00970470 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00380470 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] 009801D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 00980240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 009802B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00980320 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00980710 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 00980780 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 009807F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 7C9D01D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 
2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 00980860 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 009808D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00980940 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 009809B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00980A20 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00980A90 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 7C9D0080 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 7C9E0400 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E04E0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 7C9E02B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7C9E00F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7C9E0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 7C9E0160 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ 
C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7C9D01D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7C9D0010 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7C9D0080 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7C9D0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7C9E0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 7C9E0160 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 7C9E02B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7C9D01D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7C9E00F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E04E0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7C9E00F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E04E0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 7C9E02B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2HELP.dll 
[KERNEL32.dll!GetModuleFileNameA] 7C9E0160 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7C9D01D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7C9E0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E04E0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 7C9E00F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapDestroy] 7C9D0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 7C9E0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 7C9E02B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 7C9D0080 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 7C9D0010 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7C9E00F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7C9E0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 7C9E02B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 
7C9E04E0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 7C9E0320 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 7C9E0390 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7C9D01D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 7C9E01D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 7C9E0160 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E04E0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualFree] 7C9D0320 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualAlloc] 7C9D02B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 7C9E0400 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] 7C9D01D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 7C9E0470 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 7C9E0160 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7C9E04E0 IAT 
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 7C9E0390 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 7C9E0240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 7C9E02B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 7C9E00F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[332] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 7C9E01D0 IAT C:\WINDOWS\Explorer.EXE[524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00E62EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00E62C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00E62C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.) IAT C:\WINDOWS\Explorer.EXE[524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00E62C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.) 
IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00370240 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 003702B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00370320 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00370390 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00B30860 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00B308D0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00B30940 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00B309B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00B30A20 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B30A90 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 00370630 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 003706A0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 00370710 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 
2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00370780 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 003707F0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00B30B00 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00B30B70 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00B30BE0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00370860 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B30C50 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00B30CC0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00B30D30 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00B30DA0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00B30E10 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 003709B0 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00370A20 IAT C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[828] @ 
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device InCDFs.sys (InCD File System Driver/Nero AG)
AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)
---- EOF - GMER 1.0.15 ---- |
25.03.2010, 18:17 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | That looks better. This time it was complete. But I don't see any signs of the redirects there either. BTW: Is this an office PC or one that sits in a PC shop? What does the admin who set up the PC for you say about it?
__________________ Please always post log files in CODE tags |
26.03.2010, 09:22 | #14 |
| Hello Arne, the machine is an office PC, and the "admin" is me, although I have no training in this area. Does that mean you are at your wits' end? Is it possible to assess the threat level of this problem? Do my requests end up on a server in Ukraine that pulls my passwords, or is this just an annoying nuisance? Ideally I would rather not wipe the machine and set it up again, because that involves a great deal of effort, since a number of applications run here whose installation takes a long time. On the other hand, right now I need as little aggravation as necessary. Thank you for your help!!! Thomas |
26.03.2010, 09:26 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | All right. Then let's dig a little further.
1.) System scan with OTL: Please download OTL by Oldtimer and save it to your desktop
2.) RootRepeal:
Code:
ATTFilter Drivers Files Processes SSDT Stealth Objects Hidden Services Shadow SSDT