|
Log analysis and evaluation: Something is wrong. If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
21.05.2010, 14:05 | #1 |
| Hello, I have a friend's laptop here, and something is completely off with it. She gave it to me so that I could take a closer look, since she said she had a virus or something on it. But I can't really make sense of it. Here is the log: Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:49, on 21.05.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe
C:\Windows\Explorer.EXE
C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\ANASTA~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1209&m=aspire_5738
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1209&m=aspire_5738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1209&m=aspire_5738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=1209&m=aspire_5738
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WindowsSystemGuard] C:\Users\Public\winsvcn.exe
O4 - HKCU\..\Run: [Canaveral] rundll32.exe C:\Users\ANASTA~1\AppData\Local\Temp\sshnas21.dll,BackupReadW
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe
O4 - HKCU\..\Run: [mscj.exe] C:\Users\Anastasia\AppData\Roaming\MSA\mscj.exe
O4 - HKCU\..\Run: [xmlp2pdev] rundll32.exe "C:\Users\Anastasia\AppData\Local\xmlp2pdev\xmlp2pdev.dll", DllInit
O4 - HKCU\..\Run: [mscjm.exe] C:\Users\Anastasia\AppData\Roaming\MSA\mscjm.exe
O4 - HKCU\..\Run: [userinit] C:\Users\Anastasia\AppData\Roaming\sdra64.exe
O4 - HKCU\..\Run: [dbaistyu] C:\Users\Anastasia\AppData\Local\aeebdkvum\xxdfkdptssd.exe
O4 - HKCU\..\Run: [nnonnosys] rundll32.exe "c:\users\anasta~1\appdata\local\temp\ssqqpn.dll",DllRegisterServer
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 12075 bytes

I hope someone can help me, with a solution explained in really simple terms. Otherwise I won't understand anything anymore. |
21.05.2010, 14:09 | #2 | |
| Hello,
Quote:
Quite a few things are wrong there. Use Malwarebytes according to the guide. When Malwarebytes has finished and the log appears, click "Remove Selected" and post the log, found under "Scan reports", in your thread.
System scan with OTL
Please download OTL by Oldtimer and save it to your desktop (if you do not have it yet)
__________________ |
21.05.2010, 14:14 | #3 |
| Yes, I have already tried Malwarebytes following the guide here in the forum, but when I run it, the computer asks me whether I really want to do this (allow). Only after that, the PC screen goes black very briefly and nothing happens. |
21.05.2010, 14:18 | #4 |
| Please try it with right-click -> "Run as administrator..." Vista 64 or 32 bit?
__________________ Avira Upgrade 10 is on the market! Aggressive Avira settings. What goes around comes around! |
21.05.2010, 14:20 | #5 |
| Thanks a lot already for the answers. It is a 32-bit system, but even when I run it as administrator, exactly the same thing happens. |
21.05.2010, 14:26 | #7 |
| Okay, I will do that. Thank you very much. Unfortunately I have to leave now, but I will do it as soon as I am back, thank you very much!! I think it is great that people get helped so quickly here. |
21.05.2010, 14:30 | #8 |
| No problem, we will get this sorted out somehow |
21.05.2010, 15:31 | #9 |
| So, here is the GMER scan. It took ages to scan, and I can't make sense of it either, but maybe one of you can ^^
C:\Windows\system32\SHELL32.DLL [USER32.dll!SetWindowPos] [0041946C] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHELL32.DLL [USER32.dll!DialogBoxParamW] [004194D8] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHELL32.DLL [USER32.dll!ShowWindow] [004193BE] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHELL32.DLL [USER32.dll!MessageBoxIndirectW] [004194D2] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHELL32.DLL [ntdll.dll!NtQueryDirectoryFile] 016951CB IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [004192CE] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [00419346] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 01695736 IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [004194D8] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [004194D8] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [004194E4] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 016951CB IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\wininet.dll 
[USER32.dll!CreateWindowExW] [00419346] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\wininet.dll [USER32.dll!MessageBoxW] [004194E4] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\wininet.dll [USER32.dll!SetWindowPos] [0041946C] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\wininet.dll [USER32.dll!DialogBoxParamW] [004194D8] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe[3296] @ C:\Windows\system32\crypt32.dll [USER32.dll!MessageBoxW] [004194E4] C:\Users\ANASTA~1\AppData\Local\Temp\Nvk.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 021751CB IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 021750B2 IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 02175117 IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\OLE32.DLL [USER32.dll!GetClipboardData] 02175484 IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\OLE32.DLL [USER32.dll!CreateWindowExW] [0041844E] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\OLE32.DLL [USER32.dll!ShowWindow] [004184C8] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\OLE32.DLL [USER32.dll!TranslateMessage] 02175736 IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\shlwapi.dll [USER32.dll!CreateWindowExA] [004183D4] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ 
C:\Windows\system32\shlwapi.dll [USER32.dll!CreateWindowExW] [0041844E] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\shlwapi.dll [USER32.dll!TranslateMessage] 02175736 IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 021751CB IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [0041844E] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 02175484 IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 02175736 IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [0041857A] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [004184C8] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 021751CB IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\wininet.dll [USER32.dll!CreateWindowExW] [0041844E] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe[3304] @ C:\Windows\system32\wininet.dll [USER32.dll!SetWindowPos] [0041857A] C:\Users\Anastasia\AppData\Local\Temp\Nvl.exe IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 002C51CB IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 002C50B2 IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 002C5117 IAT 
C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 002C5484 IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 002C5736 IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 002C51CB IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 002C5736 IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 002C5484 IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 002C5736 IAT C:\Windows\ehome\ehtray.exe[3376] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 002C51CB IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00DA51CB IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00DA50B2 IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00DA5117 IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00DA5484 IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00DA5736 IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00DA51CB IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00DA5736 IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00DA5484 IAT C:\Program Files\EgisTec Egis Software 
Update\EgisUpdate.exe[3496] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00DA5736 IAT C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe[3496] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00DA51CB IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 01A951CB IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 01A950B2 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 01A95117 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 01A95736 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 01A95484 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 01A95736 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 01A95484 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 01A95736 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 01A951CB IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe[3652] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 01A951CB IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\kernel32.dll 
[ntdll.dll!NtQueryDirectoryFile] 01CB51CB IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 01CB50B2 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 01CB5117 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 01CB5484 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 01CB5736 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 01CB5484 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 01CB5736 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 01CB51CB IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 01CB5736 IAT C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe[3668] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 01CB51CB IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 002051CB IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 002050B2 IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00205117 IAT 
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00205484 IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00205736 IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00205736 IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00205484 IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00205736 IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 002051CB IAT C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe[3700] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 002051CB IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 003151CB IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 003150B2 IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00315117 IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00315484 IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00315736 IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 003151CB IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00315736 IAT C:\Windows\System32\rundll32.exe[3736] @ 
C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00315484 IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00315736 IAT C:\Windows\System32\rundll32.exe[3736] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 003151CB IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00A351CB IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00A350B2 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00A35117 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00A35736 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00A35484 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00A35736 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00A351CB IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\shell32.dll [USER32.dll!GetClipboardData] 00A35484 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\shell32.dll [USER32.dll!TranslateMessage] 00A35736 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3760] @ C:\Windows\system32\shell32.dll [ntdll.dll!NtQueryDirectoryFile] 00A351CB IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00B751CB IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ 
C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00B750B2 IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00B75117 IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00B751CB IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00B75484 IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00B75736 IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00B751CB IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00B75736 IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00B75484 IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[3860] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00B75736 IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 002751CB IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 002750B2 IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00275117 IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00275484 IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00275736 IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 002751CB IAT C:\Program 
Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00275736 IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 002751CB IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00275484 IAT C:\Program Files\OpenOffice.org 3\program\soffice.exe[3868] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00275736 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 021A51CB IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 021A50B2 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 021A5117 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 021A5484 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 021A5736 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 021A5736 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 021A5484 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 021A5736 IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 021A51CB IAT C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3872] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 021A51CB IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 008A51CB IAT 
C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 008A50B2 IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 008A5117 IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 008A5484 IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 008A5736 IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 008A51CB IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\shell32.dll [USER32.dll!GetClipboardData] 008A5484 IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\shell32.dll [USER32.dll!TranslateMessage] 008A5736 IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\shell32.dll [ntdll.dll!NtQueryDirectoryFile] 008A51CB IAT C:\Windows\system32\wbem\unsecapp.exe[3892] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 008A5736 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 001A51CB IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 001A50B2 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 001A5117 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 001A5736 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 001A5484 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 001A5736 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 001A5484 IAT C:\Program 
Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 001A5736 IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 001A51CB IAT C:\Program Files\Java\jre6\bin\jusched.exe[3936] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 001A51CB IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 01A451CB IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 01A450B2 IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 01A45117 IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 01A45736 IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 01A45484 IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 01A45736 IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 01A45484 IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 01A45736 IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 01A451CB IAT C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe[3956] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 01A451CB IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 003C51CB IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\kernel32.dll 
[ntdll.dll!LdrGetProcedureAddress] 003C50B2 IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 003C5117 IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 003C5736 IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 003C5484 IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 003C5736 IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 003C51CB IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 003C5484 IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 003C5736 IAT C:\Windows\PLFSetI.exe[4012] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 003C51CB IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 034351CB IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 034350B2 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 03435117 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 03435736 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 03435484 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 03435736 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 034351CB IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ 
C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 03435484 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 03435736 IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[4088] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 034351CB IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 037551CB IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 037550B2 IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 03755117 IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 03755736 IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 037551CB IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 03755484 IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 03755736 IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 03755484 IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 03755736 IAT C:\Program Files\OpenOffice.org 3\program\soffice.bin[4548] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 037551CB ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs mwlPSDFilter.sys (PSD Filter Driver/Egis Incorporated.) 
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation) ---- Files - GMER 1.0.15 ---- File C:\Users\Anastasia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7DRUHSYK\errorPageStrings[1] 0 bytes File C:\Users\Anastasia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7DRUHSYK\info_48[1] 0 bytes File C:\Users\Anastasia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P0VLG3LI\dnserrordiagoff_webOC[1] 6914 bytes File C:\Users\Anastasia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P0VLG3LI\down[1] 3414 bytes File C:\Users\Anastasia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKC15QGH\ErrorPageTemplate[1] 0 bytes File C:\Users\Anastasia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKC15QGH\info_48[1] 0 bytes ---- EOF - GMER 1.0.15 ---- |
21.05.2010, 16:10 | #10 |
| Something is not right. Please run the system scan with OTL.
__________________ Avira Upgrade 10 is on the market! Aggressive settings for Avira What goes around comes around! |
21.05.2010, 16:31 | #11 |
| Something is not right. Hmm, after I had let the GMER scan run through, I rebooted the laptop as described in the instructions. Anyway, very shortly after booting I started Malwarebytes and it opened. So I ran a quick scan and it turned up 34 infected objects! I deleted them. And, well, since then windows, programs and error messages at least no longer open at random. Is that it, and can I now run the antivirus program properly, and CCleaner, or should I keep going? |
21.05.2010, 17:35 | #12 |
| Something is not right. In Malwarebytes, go to the scan reports and please post the Malwarebytes log here.
__________________ Avira Upgrade 10 is on the market! Aggressive settings for Avira What goes around comes around! |