Log analysis and evaluation: XP very slow, Outlook keeps reporting appointments again and again

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Hi, my computer is very slow; speedswitch usually shows very high CPU load. FRST gets aborted. gmer: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-12-24 10:29:27 Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HM160HC rev.LQ100-10 128,00GB Running: gmer_2.1.19163.exe; Driver: D:\DOKUME~1\user\LOKALE~1\Temp\pgtdypoc.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xB8AD9610] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0xB8ADA0E6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xB8B1DB36] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xB8AE5F18] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xB8AE5F64] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xB8AE60FE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xB8AE5E86] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xB8AE5FA8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xB8AE5ECE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0xB8ADA5E4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xB8AE60B8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0xB8ADAE9C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xB8AD9676] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! 
Virtualization Driver/AVAST Software) ZwDeleteKey [0xB8B1E1FC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xB8B1E4B2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xB8ADE596] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xB8B1E067] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xB8B1DED2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xB8AD925E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xB8AD96DC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xB8ADE98C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xB8ADB92C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xB8AE5F42] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xB8AE5F86] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xB8AE6122] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xB8AE5EAC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xB8ADDE78] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xB8AE6036] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xB8AE5EF6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! 
Virtualization Driver/AVAST Software) ZwOpenThread [0xB8ADE26E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xB8AE60DC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xB8B1DD4D] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xB8ADB7F8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xB8B1DB9F] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThread [0xB8ADB34E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB8B9A744] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xB8B1CB30] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xB8AD9742] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xB8AD97A8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0xB8ADAD16] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xB8AD92F8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xB8AD94CE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xB8B1E303] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xB8AD945C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0xB8ADB066] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! 
Virtualization Driver/AVAST Software) ZwSuspendThread [0xB8ADB1C8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xB8AD9556] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateProcess [0xB8ADAB54] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0xB8ADACF6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xB8AD980E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwWriteVirtualMemory [0xB8ADA142] SSDT \WINDOWS\system32\ntoskrnl.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateKey [0x804D7571] SSDT \WINDOWS\system32\ntoskrnl.exe[unknown section] [804D7571] ZwCreateKey [0x804D7571] SSDT \WINDOWS\system32\ntoskrnl.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenKey [0x804D7576] SSDT \WINDOWS\system32\ntoskrnl.exe[unknown section] [804D7576] ZwOpenKey [0x804D7576] INT 0x03 \WINDOWS\system32\ntoskrnl.exe[unknown section] 804D757B INT 0x06 \??\D:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) B420516D INT 0x0E \??\D:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) B4204FC2 Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB8BA6E00] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 2.1 ---- .text ntoskrnl.exe!_abnormal_termination + F0 804E26C4 3 Bytes [71, 75, 4D] {JNO 0x77; DEC EBP} .text ntoskrnl.exe!_abnormal_termination + 208 804E27DC 8 Bytes [8C, E9, AD, B8, 2C, B9, AD, ...] 
{MOV ECX, GS; LODSD ; MOV EAX, 0xb8adb92c} .text ntoskrnl.exe!_abnormal_termination + 228 804E27FC 3 Bytes [76, 75, 4D] {JBE 0x77; DEC EBP} .text ntoskrnl.exe!_abnormal_termination + 398 804E296C 12 Bytes [42, 97, AD, B8, A8, 97, AD, ...] .text ntoskrnl.exe!_abnormal_termination + 440 804E2A14 12 Bytes [66, B0, AD, B8, C8, B1, AD, ...] PAGE ntoskrnl.exe!ObInsertObject 805651BA 5 Bytes JMP B8BA57B4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntoskrnl.exe!ZwReplyWaitReceivePortEx + 3CC 8056BC20 4 Bytes CALL B8ADBFD9 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntoskrnl.exe!ZwCreateProcessEx 805830E4 7 Bytes JMP B8BA6E04 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntoskrnl.exe!ObMakeTemporaryObject 8059EAEB 5 Bytes JMP B8BA3C9A \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) .text win32k.sys!EngFreeUserMem + 674 BF80996D 5 Bytes JMP B8AE0284 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngFreeUserMem + 35D0 BF80C8C9 5 Bytes JMP B8AE0162 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngDeleteSurface + 45 BF813994 5 Bytes JMP B8AE0116 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!BRUSHOBJ_pvAllocRbrush + 322E BF81E641 5 Bytes JMP B8ADEBF4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngMulDiv + 197D BF820D4E 5 Bytes JMP B8ADF6EC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngPaint + 11A6 BF82D568 5 Bytes JMP B8ADED54 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! 
Virtualization Driver/AVAST Software) .text win32k.sys!EngLockSurface + C09 BF82E6E6 5 Bytes JMP B8AE03FA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!CLIPOBJ_bEnum + 2E84 BF839072 5 Bytes JMP B8AE0614 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!CLIPOBJ_bEnum + B8EC BF841ADA 5 Bytes JMP B8AE000A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!CLIPOBJ_bEnum + E0A8 BF844296 5 Bytes JMP B8ADF6CE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!CLIPOBJ_bEnum + F624 BF845812 5 Bytes JMP B8ADEDF4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 290F BF86F4A6 5 Bytes JMP B8ADF7C4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 4BED BF871784 5 Bytes JMP B8ADF22C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 4C78 BF87180F 5 Bytes JMP B8ADF508 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 584E BF8723E5 5 Bytes JMP B8ADEAD8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + AC2C BF8777C3 5 Bytes JMP B8AE01B2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngUnicodeToMultiByteN + 67EE BF87E9ED 5 Bytes JMP B8AE033C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGetCurrentCodePage + 35E9 BF897CCE 5 Bytes JMP B8ADF2F2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! 
Virtualization Driver/AVAST Software) .text win32k.sys!EngGetCurrentCodePage + 4126 BF89880B 5 Bytes JMP B8ADF4C2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGetLastError + 1606 BF8B58F7 5 Bytes JMP B8ADF7E2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGradientFill + 2862 BF8B9015 5 Bytes JMP B8AE056C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngAlphaBlend + 35C2 BF8C1B9F 5 Bytes JMP B8ADEF24 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngDeleteSemaphore + A5C1 BF8EB159 5 Bytes JMP B8ADF70A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!PATHOBJ_bCloseFigure + 19EF BF8EFC1A 5 Bytes JMP B8ADE9C2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!PATHOBJ_bCloseFigure + 3BBE BF8F1DE9 5 Bytes JMP B8ADF008 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!PATHOBJ_bCloseFigure + 3E3E BF8F2069 5 Bytes JMP B8ADF150 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 1A40 BF914A09 5 Bytes JMP B8ADECDC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 1CEC BF914CB5 5 Bytes JMP B8ADF88C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 2614 BF9155DD 5 Bytes JMP B8ADEEBC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 4F95 BF917F5E 5 Bytes JMP B8ADF628 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! 
Virtualization Driver/AVAST Software) .text win32k.sys!EngPlgBlt + 192B BF9484CB 5 Bytes JMP B8AE04BE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .vmp2 D:\WINDOWS\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0xB3E9069D] .text D:\WINDOWS\system32\drivers\aksfridge.sys section is writeable [0xB3E10000, 0x48011, 0xE0000020] .init D:\WINDOWS\system32\drivers\aksfridge.sys entry point in ".init" section [0xB3E65224] .init D:\WINDOWS\system32\drivers\aksfridge.sys unknown last code section [0xB3E65000, 0x4000, 0xE20000E0] .text D:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xB3C83400, 0x6E1B2, 0xE8000020] .protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xB3D0D220] D:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xB3D0D220] .protectÿÿÿÿhardlockunknown last code section [0xB3D0D000, 0x50EA, 0xE0000020] D:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xB3D0D000, 0x50EA, 0xE0000020] ---- User code sections - GMER 2.1 ---- .text D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[228] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe[228] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[232] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[232] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\AVAST Software\Avast\avastUI.exe[256] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\AVAST Software\Avast\avastUI.exe[256] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe[280] ntdll.dll!RtlDosSearchPath_U + 186 
7C92616D 1 Byte [62] .text E:\Programme\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe[280] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Java\jre6\bin\jqs.exe[384] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Java\jre6\bin\jqs.exe[384] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\System32\smss.exe[436] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\wuauclt.exe[456] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\wuauclt.exe[456] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\Microsoft Office\Office12\OUTLOOK.EXE[508] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\Microsoft Office\Office12\OUTLOOK.EXE[508] kernel32.dll!SetUnhandledExceptionFilter 7C8449B5 5 Bytes JMP 326054C1 D:\Programme\Gemeinsame Dateien\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation) .text E:\Programme\Microsoft Office\Office12\OUTLOOK.EXE[508] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\Microsoft Office\Office12\OUTLOOK.EXE[508] ole32.dll!OleLoadFromStream 774F988B 5 Bytes JMP 330BD62A D:\Programme\Gemeinsame Dateien\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation) .text E:\Programme\Bazaar\tbzrcache.exe[584] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\Bazaar\tbzrcache.exe[584] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\AVAST Software\Avast\AvastSvc.exe[596] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\AVAST Software\Avast\AvastSvc.exe[596] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\TightVNC\tvnserver.exe[700] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\TightVNC\tvnserver.exe[700] kernel32.dll!GetBinaryTypeW + 80 
7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\spoolsv.exe[784] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\spoolsv.exe[784] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Microsoft ActiveSync\WCESCOMM.EXE[788] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Microsoft ActiveSync\WCESCOMM.EXE[788] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Windows Desktop Search\WindowsSearch.exe[820] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Windows Desktop Search\WindowsSearch.exe[820] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[832] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe[832] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\Agent.exe[856] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\Agent.exe[856] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\csrss.exe[904] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\csrss.exe[904] KERNEL32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\winlogon.exe[944] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\winlogon.exe[944] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\services.exe[1004] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\services.exe[1004] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\lsass.exe[1016] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\lsass.exe[1016] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\hasplms.exe[1064] 
ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\hasplms.exe[1064] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[1220] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[1220] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\GuardAgent.exe[1236] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\GuardAgent.exe[1236] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\nvsvc32.exe[1276] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\nvsvc32.exe[1276] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[1308] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[1308] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[1380] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[1380] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\System32\svchost.exe[1400] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\System32\svchost.exe[1400] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\DisplayLink Core Software\DisplayLinkManager.exe[1432] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\DisplayLink Core Software\DisplayLinkManager.exe[1432] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\TeamViewer\Version8\TeamViewer_Service.exe[1524] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\TeamViewer\Version8\TeamViewer_Service.exe[1524] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[1632] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text 
D:\WINDOWS\system32\svchost.exe[1632] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDPOP3.exe[1692] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDPOP3.exe[1692] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\DisplayLink Core Software\DisplayLinkUserAgent.exe[1764] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\DisplayLink Core Software\DisplayLinkUserAgent.exe[1764] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDClock.exe[1788] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDClock.exe[1788] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[2016] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[2016] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[2024] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\svchost.exe[2024] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Application Launcher\Application Launcher.exe[2092] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Application Launcher\Application Launcher.exe[2092] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[2164] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe[2164] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\Explorer.EXE[2172] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\Explorer.EXE[2172] 
kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\Explorer.EXE[2172] SHELL32.dll!SHFileOperationW 7E720984 5 Bytes JMP 00CC1102 D:\Programme\Unlocker\UnlockerHook.dll .text D:\Programme\Messenger\msmsgs.exe[2184] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Messenger\msmsgs.exe[2184] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\wscntfy.exe[2200] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\wscntfy.exe[2200] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe[2272] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe[2272] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Teleca Shared\logger.exe[2276] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Teleca Shared\logger.exe[2276] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\lcdmon.exe[2344] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\lcdmon.exe[2344] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Acronis\TrueImage\TrueImageMonitor.exe[2376] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Acronis\TrueImage\TrueImageMonitor.exe[2376] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe[2676] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe[2676] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe[2796] 
ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe[2796] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\VMware\VMware vCenter Converter Standalone\vmware-converter.exe[2964] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\VMware\VMware vCenter Converter Standalone\vmware-converter.exe[2964] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\EuWatch.exe[2992] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\EuWatch.exe[2992] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDCountdown.exe[3052] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDCountdown.exe[3052] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\VMware\VMware vCenter Converter Standalone\vmware-converter.exe[3064] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\VMware\VMware vCenter Converter Standalone\vmware-converter.exe[3064] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe[3168] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe[3168] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\wbem\wmiapsrv.exe[3176] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\wbem\wmiapsrv.exe[3176] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDMedia.exe[3240] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Logitech\LCD 
Manager\Applets\LCDMedia.exe[3240] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\TrayNotify.exe[3248] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text E:\Programme\EaseUS\Todo Backup\bin\TrayNotify.exe[3248] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\SearchIndexer.exe[3268] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\SearchIndexer.exe[3268] kernel32.dll!WriteFile 7C8112FF 7 Bytes JMP 00585C0C D:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation) .text D:\WINDOWS\system32\SearchIndexer.exe[3268] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Unlocker\UnlockerAssistant.exe[3292] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Unlocker\UnlockerAssistant.exe[3292] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\System32\svchost.exe[3320] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\System32\svchost.exe[3320] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Wyse\PocketCloud Windows Companion\PocketCloudService.exe[3480] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Wyse\PocketCloud Windows Companion\PocketCloudService.exe[3480] KERNEL32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\rundll32.exe[3548] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\rundll32.exe[3548] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe[3616] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe[3616] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\ctfmon.exe[3692] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\ctfmon.exe[3692] 
kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\AVG Secure Search\vprot.exe[3696] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\AVG Secure Search\vprot.exe[3696] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Chromatic Dragon\Toodledo Sync Application\SyncApp.exe[3732] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Chromatic Dragon\Toodledo Sync Application\SyncApp.exe[3732] KERNEL32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\DisplayLink Core Software\DisplayLinkUI.exe[3780] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\DisplayLink Core Software\DisplayLinkUI.exe[3780] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Teleca Shared\CapabilityManager.exe[3824] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Gemeinsame Dateien\Teleca Shared\CapabilityManager.exe[3824] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\system32\nipalsm.exe[4020] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\system32\nipalsm.exe[4020] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\SpeedswitchXP\SpeedswitchXP.exe[4044] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\SpeedswitchXP\SpeedswitchXP.exe[4044] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\Logitech\Vid HD\Vid.exe[4052] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\Logitech\Vid HD\Vid.exe[4052] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\WINDOWS\System32\alg.exe[4072] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\WINDOWS\System32\alg.exe[4072] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe[4152] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 
1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe[4152] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe[4244] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe[4244] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Dokumente und Einstellungen\user\Desktop\gmer_2.1.19163.exe[4708] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Dokumente und Einstellungen\user\Desktop\gmer_2.1.19163.exe[4708] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe[5948] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe[5948] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe[6020] ntdll.dll!RtlDosSearchPath_U + 186 7C92616D 1 Byte [62] .text D:\Programme\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe[6020] kernel32.dll!GetBinaryTypeW + 80 7C8693DC 1 Byte [62] ---- Devices - GMER 2.1 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! 
TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 timntr.sys (TrueImage Backup Archive Explorer/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 EUBKMON.sys AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 timntr.sys (TrueImage Backup Archive Explorer/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 EUBKMON.sys AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 snapman.sys (Acronis Snapshot API/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 timntr.sys (TrueImage Backup Archive Explorer/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 EUBKMON.sys AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 snapman.sys (Acronis Snapshot API/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 timntr.sys (TrueImage Backup Archive Explorer/Acronis) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 EUBKMON.sys AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \Driver\Disk \Device\Harddisk0\DR0 aksfridge.sys (Ancillary Function Driver/Aladdin Knowledge Systems Ltd.) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- Registry - GMER 2.1 ---- Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ----

and happy holidays
Klaus