trojan.win32.agent.czma

#0
18.11.2009, 00:14
Member
Posts: 14

06.12.2009, 13:48
Member
Posts: 3716
#2
Hello, with the number of threads your post simply got lost, sorry. If you still have a problem with the PC, work through:
http://board.protecus.de/t23188.htm and post the logs.

06.12.2009, 23:05
Member
Thread starter Posts: 14
#3
ok...here is the Malwarebytes log:
Malwarebytes' Anti-Malware 1.42
Datenbank Version: 3305
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18828

06.12.2009 21:35:31
mbam-log-2009-12-06 (21-35-31).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 110148
Laufzeit: 9 minute(s), 4 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

06.12.2009, 23:09
Member
Thread starter Posts: 14
#4
GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-12-06 23:08:46
Windows 6.0.6002 Service Pack 2
Running: lkvf3xrs.exe; Driver: C:\Users\claudia\AppData\Local\Temp\pwrdafog.sys
018E0208 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 018E0232 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 018E05A4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 018E086E IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 018E0898 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 018E08C2 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 018E08EC IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 018E0916 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 018E0940 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 018E0E56 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 018E0E80 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 018E0EAA IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 018E0ED4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 
018E0EFE IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 018E0F28 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 01870304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 0187032E IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 01870208 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01870358 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 018702DA IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 0187025C IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 01870286 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 018701DE IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 01870232 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 01870208 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01870358 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 018701DE 
IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 0187025C IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 01870286 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 018702DA IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 01870232 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 01870304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01870358 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 018701DE IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 0187025C IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 01870286 IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 018702DA IAT C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe[4480] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 01870232 ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) 
AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) ---- Threads - GMER 1.0.15 ---- Thread System [4:428] 8E2C5000 Thread System [4:436] 8E2C5000 Thread System [4:440] 8E3217E0 Thread System [4:444] 8E3217E0 Thread System [4:452] 8E3237D0 Thread System [4:456] 8E3237D0 Thread System [4:460] 8E3237D0 Thread System [4:468] 8E3217E0 ---- EOF - GMER 1.0.15 ---- |
|
|
||
06.12.2009, 23:37
Member
Thread starter Posts: 14 |
#5
HijackThis:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:29:22, on 06.12.2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Users\claudia\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\ehome\ehmsas.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! 
Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Asz.Citavi.IEPicker.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE" O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire\Corel PhotoDownloader.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [AVP] 
"C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: SETAUDIO.EXE O4 - Global Startup: SETRES.EXE O8 - Extra context menu item: &Citavi Picker... 
- file://C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\ie_banner_deny.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta O9 - Extra button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\SCIEPlgn.dll O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\system32\mscoree.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web 
Printing\hpswp_BHO.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Kaspersky Security Suite CBE (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. 
- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13819 bytes |
|
|
||
06.12.2009, 23:39
Member
Thread starter Posts: 14 |
#6
And finally the UNINSTALL-LIST.
Hopefully I did everything right. Thank you for the help!
2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 32 Bit HP CIO Components Installer 3D Mühle 2.04 Acer Arcade Deluxe Acer Crystal Eye webcam Acer Crystal Eye webcam Acer eAudio Management Acer eDataSecurity Management Acer eLock Management Acer Empowering Technology Acer eNet Management Acer ePower Management Acer ePresentation Management Acer eSettings Management Acer GameZone Console 2.0.1.1 Acer GridVista Acer Mobility Center Plug-In Acer ScreenSaver Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 10 ActiveX Adobe Reader 8.1.4 Agatha Christie Death on the Nile Alice Greenfingers Alles Murmel 1.78 Apple Mobile Device Support Apple Software Update Azada Backspin Billiards Big Kahuna Reef Bonjour Bricks of Egypt Broadcom Gigabit Integrated Controller Brockhaus multimedial 2008 Cake Mania Catalyst Control Center - Branding CD-ROM Lebensmittelrecht Chicken Invaders 3 Chuzzle Citavi 2.5 Corel Snapfire DHTML Editing Component Diner Dash Flo on the Go Google Earth Google Toolbar for Internet Explorer Google Toolbar for Internet Explorer Google Updater HDAUDIO Soft Data Fax Modem with SmartCP Hervorhebe-Funktion (Windows Live Toolbar) HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 10.0 HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 HP Imaging Device Functions 10.0 HP Photosmart Essential 2.5 HP Smart Web Printing HP Solution Center 10.0 HP Update ICQ Toolbar ICQ6.5 Intel® Matrix Storage Manager iTunes Jewel Quest Solitaire Junk Mail filter update Kaspersky Security Suite CBE Kaspersky Security Suite CBE Kick N Rush 
Launch Manager Mahjong Escape Ancient China Mahjongg Artifacts Malwarebytes' Anti-Malware Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme Microsoft .NET Framework 3.5 Language Pack SP1 - deu Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft Choice Guard Microsoft Office 2000 Premium Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (German) 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office Groove MUI (German) 2007 Microsoft Office Home and Student 2007 Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (German) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (German) 2007 Microsoft Office Outlook MUI (German) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (German) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Ultimate 2007 Microsoft Office Ultimate 2007 Microsoft Office Word MUI (German) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft 
Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Works MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery Case Files - Huntsville Mystery Solitaire - Secret Island MyTube Recorder NTI Backup NOW! 4.7 NTI CD & DVD-Maker Orion Paint.NET v3.36 PhotoFiltre PowerProducer QuickTime Realtek High Definition Audio Driver RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 SecureW2 TTLS Client 3.2.0 for Windows Vista BETA1 Security Update for 2007 Microsoft Office System (KB951550) Security Update for 2007 Microsoft Office System (KB951944) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB973704) Security Update for 2007 Microsoft Office System (KB973704) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office Excel 2007 (KB973593) Security Update for Microsoft Office OneNote 2007 (KB950130) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Shop for HP Supplies Skype™ 3.8 Smart Menus (Windows Live Toolbar) Synaptics Pointing Device Driver Turbo Pizza Update for 2007 Microsoft Office System 
(KB967642) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office Word 2007 (KB974561) Update for Microsoft Office Word 2007 (KB974561) Update for Outlook 2007 Junk Email Filter (kb975960) Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Winamp Toolbar for Firefox Winbond CIR Drivers Windows Live Anmelde-Assistent Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Family Safety Windows Live Favorites für Windows Live Toolbar Windows Live Fotogalerie Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Sync Windows Live Toolbar Windows Live Toolbar-Erweiterung (Windows Live Toolbar) Windows Live Writer Windows Live-Uploadtool WordPerfect Office X3 WordPerfect Office X3 Yahoo! Toolbar Zuma Deluxe |
|
|
||
07.12.2009, 11:40
Member
Posts: 3716 |
#7
How is the PC running at the moment?
|
|
|
||
07.12.2009, 11:54
Member
Thread starter Posts: 14 |
#8
Rather slowly, and its fan also blows quite often and loudly. Booting up sometimes (but not always) takes forever as well.
|
|
|
||
07.12.2009, 12:24
Member
Posts: 3716 |
#9
OK, then run ComboFix as well and post the log.
|
|
|
||
07.12.2009, 13:03
Member
Thread starter Posts: 14 |
#10
Here is the ComboFix log:
ComboFix 09-12-06.A2 - claudia 07.12.2009 12:36.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3069.1782 [GMT 1:00] ausgeführt von:: c:\users\claudia\Desktop\test.exe AV: Kaspersky Security Suite CBE *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Security Suite CBE *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} SP: Kaspersky Security Suite CBE *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1160074774-1665627954-2514966497-500 c:\program files\ATI Technologies\ATI.ACE\Core-Static\atIAcmxx.dll c:\users\claudia\AppData\Roaming\.# c:\users\claudia\AppData\Roaming\.#\MBX@1094@242990.### c:\users\claudia\AppData\Roaming\.#\MBX@1094@2429C0.### c:\users\claudia\AppData\Roaming\.#\MBX@1094@2429F0.### c:\users\claudia\AppData\Roaming\.#\MBX@1414@382990.### c:\users\claudia\AppData\Roaming\.#\MBX@1414@3829C0.### c:\users\claudia\AppData\Roaming\.#\MBX@1414@3829F0.### c:\users\claudia\AppData\Roaming\.#\MBX@1564@372990.### c:\users\claudia\AppData\Roaming\.#\MBX@1564@3729C0.### c:\users\claudia\AppData\Roaming\.#\MBX@1564@3729F0.### c:\users\claudia\AppData\Roaming\.#\MBX@52C@1D12990.### c:\users\claudia\AppData\Roaming\.#\MBX@52C@1D129C0.### c:\users\claudia\AppData\Roaming\.#\MBX@52C@1D129F0.### c:\users\claudia\AppData\Roaming\.#\MBX@CCC@17D2990.### c:\users\claudia\AppData\Roaming\.#\MBX@CCC@17D29C0.### c:\users\claudia\AppData\Roaming\.#\MBX@CCC@17D29F0.### c:\users\claudia\AppData\Roaming\.#\MBX@CE0@1BF2990.### c:\users\claudia\AppData\Roaming\.#\MBX@CE0@1BF29C0.### c:\users\claudia\AppData\Roaming\.#\MBX@CE0@1BF29F0.### D:\install.exe . ((((((((((((((((((((((( Dateien erstellt von 2009-11-07 bis 2009-12-07 )))))))))))))))))))))))))))))) . 2009-12-06 22:12 . 
2009-12-06 22:12 -------- d-----w- c:\program files\Trend Micro 2009-12-06 20:21 . 2009-12-06 20:21 -------- d-----w- c:\users\claudia\AppData\Roaming\Malwarebytes 2009-12-06 20:21 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-06 20:21 . 2009-12-06 20:21 -------- d-----w- c:\programdata\Malwarebytes 2009-12-06 20:21 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-06 20:21 . 2009-12-06 20:21 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-03 06:13 . 2009-12-03 06:13 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb90C5.tmp.exe 2009-11-28 19:11 . 2009-11-28 19:11 -------- d-----w- c:\program files\Windows Portable Devices 2009-11-28 17:58 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll 2009-11-28 17:58 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll 2009-11-28 17:58 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2009-11-28 17:56 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll 2009-11-28 17:56 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll 2009-11-28 17:56 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-11-28 17:56 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2009-11-28 17:56 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll 2009-11-28 17:56 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll 2009-11-28 17:56 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll 2009-11-28 17:56 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2009-11-28 17:56 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll 2009-11-28 17:54 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll 2009-11-28 17:54 . 
2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2009-11-28 17:53 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2009-11-27 09:37 . 2009-11-27 09:37 -------- d-----w- c:\windows\system32\ca-ES 2009-11-27 09:37 . 2009-11-27 09:37 -------- d-----w- c:\windows\system32\eu-ES 2009-11-27 09:37 . 2009-11-27 09:37 -------- d-----w- c:\windows\system32\vi-VN 2009-11-26 11:04 . 2009-11-26 11:04 1152760 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-11-26 09:06 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll 2009-11-25 07:49 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll 2009-11-25 07:49 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll 2009-11-18 18:52 . 2009-11-18 18:52 -------- d-----w- c:\program files\MSECache 2009-11-13 16:28 . 2009-11-13 16:28 -------- d-----w- c:\programdata\WindowsSearch 2009-11-11 14:47 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys 2009-11-11 14:47 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll 2009-11-10 15:27 . 2009-11-10 15:27 -------- d-----w- c:\program files\Microsoft Visual Studio 8 . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-07 11:50 . 2008-07-31 14:27 1151438880 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-12-07 05:22 . 2008-01-21 07:15 618442 ----a-w- c:\windows\system32\perfh007.dat 2009-12-07 05:22 . 2008-01-21 07:15 122842 ----a-w- c:\windows\system32\perfc007.dat 2009-12-07 05:20 . 2008-06-03 10:00 4096 d-----w- c:\users\claudia\AppData\Roaming\Skype 2009-12-07 05:18 . 2008-06-03 10:03 4096 d-----w- c:\users\claudia\AppData\Roaming\skypePM 2009-12-07 05:17 . 2008-07-31 14:27 20480 d-----w- c:\programdata\Kaspersky Lab 2009-12-06 23:51 . 2008-07-31 14:27 15392936 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-12-06 19:40 . 
2008-05-31 00:41 4096 d-----w- c:\programdata\Google Updater 2009-11-28 19:11 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-11-28 19:11 . 2009-11-28 19:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2009-11-27 09:38 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar 2009-11-27 09:38 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery 2009-11-27 09:38 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal 2009-11-27 09:38 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration 2009-11-27 09:38 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-11-27 09:38 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail 2009-11-27 09:37 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender 2009-11-18 18:46 . 2008-06-01 12:11 1838 --sha-w- c:\windows\system32\KGyGaAvL.sys 2009-11-17 06:20 . 2008-03-25 14:26 12288 d-----w- c:\programdata\Microsoft Help 2009-11-10 15:59 . 2008-05-30 17:48 120832 ----a-w- c:\users\claudia\AppData\Local\GDIPFONTCACHEV1.DAT 2009-11-10 15:33 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild 2009-11-07 09:13 . 2008-06-01 14:52 77312 ----a-w- c:\users\claudia\AppData\Roaming\Engelmann Media\MyTube Downloader\HDX4VideoSites.dll 2009-11-06 22:20 . 2009-11-06 09:30 4096 d-----w- c:\program files\Microsoft Silverlight 2009-11-06 09:30 . 2009-11-06 09:24 -------- d-----w- c:\program files\Microsoft 2009-11-06 09:30 . 2008-05-30 18:51 4096 d-----w- c:\program files\Windows Live 2009-11-06 09:29 . 2008-05-30 19:20 8192 d-----w- c:\program files\Windows Live Toolbar 2009-11-06 09:29 . 2009-11-06 09:29 -------- d-----w- c:\program files\Microsoft Sync Framework 2009-11-06 09:27 . 2009-11-06 09:27 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-11-06 09:23 . 2009-11-06 09:23 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-11-02 19:42 . 
2009-10-03 13:38 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-15 01:11 . 2008-03-25 14:28 28672 d-----w- c:\program files\Microsoft Works 2009-10-14 14:32 . 2008-07-31 14:27 95259 ----a-w- c:\windows\system32\drivers\klick.dat 2009-10-14 14:32 . 2008-07-31 14:27 108059 ----a-w- c:\windows\system32\drivers\klin.dat 2009-10-07 10:26 . 2009-10-07 10:25 1603760 ----a-w- c:\users\claudia\Paint.NET.3.36.zip 2009-10-05 13:26 . 2009-10-05 13:26 27172144 ----a-w- c:\users\claudia\CitaviSetup.exe 2009-10-01 01:02 . 2009-11-28 17:57 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2009-10-01 01:02 . 2009-11-28 17:57 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll 2009-10-01 01:01 . 2009-11-28 17:57 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2009-09-28 12:42 . 2009-09-28 12:42 369 ----a-w- c:\programdata\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\bases\av\avc\i386\ForDiff\daily.avc.scr 2009-09-25 02:10 . 2009-11-28 17:57 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll 2009-09-25 02:07 . 2009-11-28 17:57 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2009-09-25 02:04 . 2009-11-28 17:57 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll 2009-09-25 01:49 . 2009-11-28 17:57 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2009-09-25 01:48 . 2009-11-28 17:57 351232 ----a-w- c:\windows\system32\XpsPrint.dll 2009-09-25 01:38 . 2009-11-28 17:57 847360 ----a-w- c:\windows\system32\OpcServices.dll 2009-09-25 01:36 . 2009-11-28 17:57 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2009-09-25 01:35 . 2009-11-28 17:57 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2009-09-25 01:33 . 2009-11-28 17:57 195584 ----a-w- c:\windows\system32\dxdiagn.dll 2009-09-25 01:33 . 2009-11-28 17:57 829440 ----a-w- c:\windows\system32\d3d10warp.dll 2009-09-25 01:33 . 2009-11-28 17:57 369664 ----a-w- c:\windows\system32\WMPhoto.dll 2009-09-25 01:32 . 
2009-11-28 17:57 252928 ----a-w- c:\windows\system32\dxdiag.exe 2009-09-25 01:31 . 2009-11-28 17:57 519680 ----a-w- c:\windows\system32\d3d11.dll 2009-09-25 01:31 . 2009-11-28 17:57 486912 ----a-w- c:\windows\system32\d3d10level9.dll 2009-09-25 01:31 . 2009-11-28 17:57 161280 ----a-w- c:\windows\system32\d3d10_1.dll 2009-09-25 01:31 . 2009-11-28 17:57 218112 ----a-w- c:\windows\system32\d3d10_1core.dll 2009-09-25 01:31 . 2009-11-28 17:57 1030144 ----a-w- c:\windows\system32\d3d10.dll 2009-09-25 01:31 . 2009-11-28 17:57 828928 ----a-w- c:\windows\system32\d2d1.dll 2009-09-25 01:30 . 2009-11-28 17:57 481792 ----a-w- c:\windows\system32\dxgi.dll 2009-09-25 01:30 . 2009-11-28 17:57 190464 ----a-w- c:\windows\system32\d3d10core.dll 2009-09-25 01:27 . 2009-11-28 17:57 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2009-09-25 01:27 . 2009-11-28 17:57 37888 ----a-w- c:\windows\system32\cdd.dll 2009-09-25 01:27 . 2009-11-28 17:57 793088 ----a-w- c:\windows\system32\FntCache.dll 2009-09-25 01:27 . 2009-11-28 17:57 1064448 ----a-w- c:\windows\system32\DWrite.dll 2009-09-24 22:54 . 2009-11-28 17:57 258048 ----a-w- c:\windows\system32\winspool.drv 2009-09-24 22:54 . 2009-11-28 17:57 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2009-09-24 22:54 . 2009-11-28 17:57 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2009-09-17 06:41 . 2009-09-17 06:41 12791 ----a-w- c:\programdata\Kaspersky Lab\AVP7\Data\Updater\Temporary Files\temporaryFolder\bases\as\pas\ForDiff\cfbase-s.gsg.bat 2009-09-14 09:29 . 2009-10-14 21:15 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2009-09-10 16:48 . 2009-10-14 21:16 218624 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 14:59 . 2009-10-27 18:32 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-09-10 14:58 . 2009-10-27 18:32 310784 ----a-w- c:\windows\system32\unregmp2.exe . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . 
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-01-03 01:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883840] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-31 68856] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-04-23 22058792] "ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-03-01 172792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "NvSvc"="c:\windows\system32\nvsvc.dll" [2008-03-11 92704] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-11 8534560] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-03-11 88608] "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-01-24 102400] "eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-02-25 518656] "eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-10-10 1286144] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-11-22 178712] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-24 4702208] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-01-02 707080] "PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2008-01-22 200704] "PLFSet"="c:\windows\PLFSet.dll" [2007-04-25 45056] 
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104] "QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-02 83568] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "Skytel"="Skytel.exe" [2008-01-24 1826816] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-3-25 535336] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360] Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588] SETAUDIO.EXE [2008-4-4 20480] SETRES.EXE [2008-4-4 20480] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\r3hook.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):e6,0a,08,d2,46,6f,ca,01 R1 
KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [16.10.2007 11:05 20496] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [07.05.2008 23:03 41456] R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [14.08.2009 14:12 222968] R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [25.03.2008 21:59 43008] S2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [25.03.2008 15:47 51200] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [25.03.2008 21:59 179712] S3 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.01.2008 03:23 21504] S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [06.11.2009 10:30 54632] S3 fsssvc;Windows Live Family Safety-Dienst;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . ------- Zusätzlicher Suchlauf ------- . mStart Page = hxxp://de.intl.acer.yahoo.com uInternet Settings,ProxyOverride = *.local IE: &Citavi Picker... - file://c:\program files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: Hinzufügen zu Kaspersky Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Security Suite CBE\ie_banner_deny.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Öffnen mit WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta . - - - - Entfernte verwaiste Registrierungseinträge - - - - HKLM-Run-ALaunch - c:\acer\ALaunch\AlaunchClient.exe HKLM-Run-eRecoveryService - (no file) HKLM-Run-Corel Photo Downloader - c:\program files\Corel\Corel Snapfire\Corel PhotoDownloader.exe HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-07 12:50 Windows 6.0.6002 Service Pack 2 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl" . --------------------- Gesperrte Registrierungsschluessel --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
--------------------- Durch laufende Prozesse gestartete DLLs --------------------- - - - - - - - > 'winlogon.exe'(960) c:\progra~1\KASPER~1\KASPER~1\r3hook.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\windows\system32\NSI.dll - - - - - - - > 'lsass.exe'(784) c:\progra~1\KASPER~1\KASPER~1\r3hook.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\program files\Kaspersky Lab\Kaspersky Security Suite CBE\dnsq.dll . Zeit der Fertigstellung: 2009-12-07 12:54 ComboFix-quarantined-files.txt 2009-12-07 11:54 Vor Suchlauf: 12 Verzeichnis(se), 85.721.751.552 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 86.581.014.528 Bytes frei - - End Of File - - 038EFDB4A28021CE5B1F288E879C8CE4 |
|
|
||
07.12.2009, 13:23
Member
Posts: 3716 |
#11
Which version of Kaspersky are you using? 2010 or still 09? If so, please upgrade to 2010. Then update and run a full scan, move the findings to quarantine, and post the log.
|
|
|
||
07.12.2009, 14:27
Member
Thread starter Posts: 14 |
#12
Um, I think it's the 09 version... I'm using the free one from Computer-Bild. I can't upgrade that one, can I?
|
|
|
||
07.12.2009, 14:50
Member
Posts: 3716 |
#13
No. Then please update and run a full scan, quarantine the findings, and post the log.
|
|
|
||
07.12.2009, 15:04
Member
Posts: 3716 |
#14
While you're at it, could you also check where Kaspersky found the trojan mentioned above?
|
|
|
||
07.12.2009, 15:24
Member
Thread starter Posts: 14 |
#15
OK... the scan is running and has already found something... in test.exe
nach Quarantäne verschoben: Virus Heur.Invader (Modifikation) Datei: C:\Users\claudia\Desktop\test.exe//PE_Patch.UPX/32788R22FWJFW\FileKill.cfxxe
nach Quarantäne verschoben: Virus Heur.Invader (Modifikation) Datei:
and these are the things I found at some point... most recently the trojan.32.agent.czma
gelöscht: trojanisches Programm Trojan-GameThief.Win32.OnLineGames.zex Datei: G:\ranvrgn.exe
gelöscht: trojanisches Programm Trojan-PSW.Win32.OnLineGames.zex Datei: E:\autorun.inf
gelöscht: trojanisches Programm Trojan.Win32.Agent.czma Datei: C:\Program Files\Acer GameZone\Jewel Quest Solitaire\aJewelQuestSolitaire.exe//Armadillo |
|
|
||
Infiziert: trojanisches Programm Trojan.Win32.Agent.czma