Pests of all kinds and how to fight them: ieframe.dll acr_error (Windows 7)
If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection.
07.03.2011, 17:59 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ieframe.dll acr_error

Then we are done! To finish, please check your updates; my guide is below. For even more security, you should also change all your passwords if possible, now that the infection has been removed.

Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Guide to Windows Update

Update your PDF reader
Your Adobe Reader is not up to date, which is a major security risk. You should therefore uninstall the old version via Control Panel => Add or Remove Programs by clicking "Adobe Reader x.0" there and removing the program. I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader.

While you are at it, please also check that your Flash Player is up to date; here is the direct download link:
Mozilla and other browsers => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe

Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

__________________ Please always post log files in CODE tags
14.03.2011, 20:15 | #17 |
ieframe.dll acr_error: the problem is back again

I restarted the PC today (until now I had only ever shut it down) and since then the same thing is back. Here is the OTL logfile for now; other than that I haven't really done anything, it just appeared after the restart. Code:
14.03.2011, 21:54 | #18 |
| ieframe.dll acr_error I'll run a full Malwarebytes scan and SUPERAntiSpyware again tomorrow...
__________________ And now something else has come up: the csrss.exe process sometimes (when it tries to connect to the internet) uses around 50% CPU, which wasn't the case before; then Kaspersky takes another 40% with its avp.exe, and then nothing works at all any more. |
15.03.2011, 10:59 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ieframe.dll acr_error Please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
__________________ Please always post log files in CODE tags |
26.03.2011, 10:54 | #20 |
| ieframe.dll acr_error Sorry that it took so long, I couldn't get to the PC lately. Code:
26.03.2011, 19:06 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ieframe.dll acr_error OK. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM - please skip the online query by OSAM. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
__________________ --> ieframe.dll acr_error |
27.03.2011, 11:18 | #22 |
| ieframe.dll acr_error Since the Kaspersky tool was run, which supposedly did nothing, Firefox has been acting up as well: it reports problems restoring tabs, the Firefox process no longer terminates automatically, only manually, and while the process is running I can start Firefox at most once and can't open multiple windows. Here are OSAM and MBRCheck for now, GMER will follow later. Code:
- (File not found | COM-object registry key not found) {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL {950FF917-7A57-46BC-8017-59D9BF474000} "Shell Extension for CDRW" - "Ahead Software AG" - C:\Programme\Ahead\InCD\incdshx.dll {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {66F1DE40-D550-4119-9120-6592E3390623} "SmartDraw Thumbnail Handler" - ? - C:\Programme\SmartDraw 2010\SDThumbnail.dll (File not found) {85E0B171-04FA-11D1-B7DA-00A0C90348D6} "Statistik für den Schutz des Web-Datenverkehrs" - ? - (File not found | COM-object registry key not found) {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" 
- C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Programme\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "&Google" - "Google Germany GmbH" - c:\programme\google\googletoolbar1.dll <binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll <binary data> "Gutscheinmieze" - ? - C:\Dokumente und Einstellungen\Mirau\Anwendungsdaten\Gutscheinmieze\toolbar.dll (File not found) ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_13" - "Sun Microsystems, Inc." 
- C:\Programme\Java\jre6\bin\npjpi160_13.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab {166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Adobe\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab {1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class" - "Husdawg, LLC" - C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {4248FE82-7FCB-46AC-B270-339F08212110} "&Virtuelle Tastatur" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "Blog This" - "Microsoft Corporation" - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll {CCF151D8-D089-449F-A5A4-D9909053F20F} "Li&nks untersuchen" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {E33CF602-D945-461A-83F0-819F76A199F8} "FilterBHO Class" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 
2011\klwtbbho.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Germany GmbH" - c:\programme\google\googletoolbar1.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} "IEVkbdBHO Class" - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corp." - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Programme\Windows Live\Toolbar\wltcore.dll {5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found) [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini "Logitech SetPoint.lnk" - "Logitech, Inc." - C:\Programme\Logitech\SetPoint\SetPoint.exe (Shortcut exists | File exists) "McAfee Security Scan Plus.lnk" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk (Shortcut exists | File not found) "Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office\OSA9.EXE (Shortcut exists | File exists) -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\Mirau\Startmenü\Programme\Autostart\desktop.ini "OpenOffice.org 3.0.lnk" - ? 
- C:\Programme\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "igndlm.exe" - "IGN Entertainment" - C:\Programme\Download Manager\DLM.exe /windowsstart /startifwork "msnmsgr" - "Microsoft Corporation" - "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background "Pando Media Booster" - ? - C:\Programme\Pando Networks\Media Booster\PMB.exe "RGSC" - "Take-Two Interactive Software, Inc." - D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent "SUPERAntiSpyware" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" "avp" - "Kaspersky Lab ZAO" - "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" "iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe" "NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup "NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit "nwiz" - "NVIDIA Corporation" - C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet "QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime "TrayServer" - "MAGIX AG" - C:\Programme\MAGIX\Video_deluxe_17_Download-Version\TrayServer.exe [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found) "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." 
- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe "FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe "Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe "getPlus(R) Helper 3004" (nosGetPlusHelper) - "NOS Microsystems Ltd." - C:\Programme\NOS\bin\getPlus_Helper_3004.dll "Google Update Service (gupdate1c9de1043fda0a)" (gupdate1c9de1043fda0a) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe "Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe "InCD Helper (read only)" (InCDsrvR) - "Ahead Software AG" - C:\Programme\Ahead\InCD\InCDsrv.exe "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe "Kaspersky Anti-Virus Service" (AVP) - "Kaspersky Lab ZAO" - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe "Logitech Bluetooth Service" (LBTServ) - "Logitech, Inc." - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe "McAfee Security Scan Component Host Service" (McComponentHostService) - ? 
- "C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe" (File not found) "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE "NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "SeaPort" (SeaPort) - "Microsoft Corp." - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe "SiSoftware Deployment Agent Service" (SandraAgentSrv) - "SiSoftware" - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Programme\Windows Live\Family Safety\fsssvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )----- {c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL "LBTWlgn" - "Logitech, Inc." - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." 
- C:\Programme\Bonjour\mdnsNSP.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
27.03.2011, 13:25 | #23 |
| ieframe.dll acr_error GMER Code:
GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2011-03-27 14:24:13
Windows 5.1.2600 Service Pack 3
Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 ST3250310AS rev.3.AAF
Running: 9wwk15un.exe; Driver: C:\DOKUME~1\Mirau\LOKALE~1\Temp\pgtdypow.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB187E5FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB187EEFE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB187FD32]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB188027C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xB187F1DA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xB187D46A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB1880162]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xB187E1E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB1880036]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB187E390]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB188039C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB187EB86]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB18800CC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB1881A84]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB187DA74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB187DE28]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB187F65C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB1882C90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB187DF74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB187E00C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xB187F46A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB1881B76]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB187D446]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB187D458]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB18822DE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB187E138]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xB1880312]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xB187EF80]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xB187D62A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xB18801F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB187E836]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB1882078]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB1880432]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB187E728]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB187E0A4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB187DCDC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xB1882618]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xB187D906]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB1881F0A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB187DB96]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB187CE80]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB1880796]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB188065C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xB188181E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB187D1F8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB1882B32]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB187CE18]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB187FA78]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB187EDA2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB18810BE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xB1881D14]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB1882768]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB187D780]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB188285A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB1882994]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB18819A8]
SSDT \??\C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xB165C620]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB187E932]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB18824BC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB187EABC]
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwYieldExecution + 1FA 804E4A54 12 Bytes [76, 1B, 88, B1, 46, D4, 87, ...]
.text ntoskrnl.exe!ZwYieldExecution + 25E 804E4AB8 4 Bytes CALL 053AFC44
.text ntoskrnl.exe!ZwYieldExecution + 376 804E4BD0 16 Bytes [96, DB, 87, B1, 80, CE, 87, ...] {XCHG ESI, EAX; FILD DWORD [EDI-0x78317f4f]; MOV CL, 0x96; POP ES; MOV [ECX-0x4e77f9a4], DH}
.text ntoskrnl.exe!ZwYieldExecution + 46A 804E4CC4 12 Bytes [5A, 28, 88, B1, 94, 29, 88, ...]
.text ntoskrnl.exe!ZwYieldExecution + 4CA 804E4D24 4 Bytes JMP 5AB2B187
.text ntoskrnl.exe!IoIsOperationSynchronous 804EAFCE 5 Bytes JMP B18713C8 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntoskrnl.exe!FsRtlCheckLockForReadAccess 804F45B3 5 Bytes JMP B1870FEC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB540B3A0, 0x5FE082, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[832] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[832] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[832] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }
? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1888] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
? C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1888] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1888] USER32.dll!AlignRects + FFFA5598 7E362A78 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [B8320D50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\ipnat.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [B8320D50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\netbios.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\rdbss.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\System32\Drivers\Fips.SYS[ntoskrnl.exe!IoCreateDevice] [B8320C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT
27.03.2011, 21:01 | #24 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | ieframe.dll acr_error Quote:
__________________ Please always post log files in CODE tags |
28.03.2011, 16:56 | #25 |
| ieframe.dll acr_error There was no report after the restart this time, only a message that it was successful. Code:
|
28.03.2011, 19:22 | #26 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | ieframe.dll acr_error Quote:
After that, please run full scans with Malwarebytes and SUPERAntiSpyware as a check and post the logs. Remember to update both tools before the scan!!
__________________ Please always post log files in CODE tags |
31.03.2011, 12:17 | #27 |
| ieframe.dll acr_error Here is SUPERAntiSpyware for now. I don't have much time to let the scans run, so Malwarebytes will follow later. Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 03/31/2011 at 01:10 PM

Application Version : 4.49.1000

Core Rules Database Version : 6720
Trace Rules Database Version: 4532

Scan type : Complete Scan
Total Scan Time : 01:27:07

Memory items scanned : 495
Memory threats detected : 0
Registry items scanned : 7460
Registry threats detected : 0
File items scanned : 136245
File threats detected : 6

Adware.Tracking Cookie
ch.mediaplanet.streamingbolaget.se [ C:\Dokumente und Einstellungen\Mirau\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BFGTW76Z ]
media.mtvnservices.com [ C:\Dokumente und Einstellungen\Mirau\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BFGTW76Z ]
www.naiadsystems.com [ C:\Dokumente und Einstellungen\Mirau\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BFGTW76Z ]
www.coulourred.com [ C:\Dokumente und Einstellungen\Mirau\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BFGTW76Z ]

Trojan.Agent/Gen-FakeAV
C:\PROGRAMME\WINRAR\DEFAULT.SFX

Trojan.Agent/Gen-FakeDrop
C:\SYSTEM VOLUME INFORMATION\_RESTORE{DF01F75A-8918-4465-A337-7FE57BB2E57D}\RP676\A0886856.EXE |
31.03.2011, 13:41 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ieframe.dll acr_error Only cookies and leftovers in System Restore. Disable System Restore: during the infection, malware files were also backed up into restore points. Those are all unusable now, because rolling the system back to a restore point would probably bring the infection back. After that, the Malwarebytes scan please.
__________________ Please always post log files in CODE tags |
09.04.2011, 08:34 | #29 |
| ieframe.dll acr_error It took forever, but now I finally found the time to run the scan. I just have to work on the PC a lot, and while the scan is running you can hardly do anything else alongside it. Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6315

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09.04.2011 02:06:04
mbam-log-2011-04-09 (02-06-04).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 305698
Laufzeit: 1 Stunde(n), 57 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
09.04.2011, 14:39 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ieframe.dll acr_error OK, looks good. Any problems left, or is the machine OK again?
__________________ Please always post log files in CODE tags |