Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Log-Analyse und Auswertung: TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Seite 2 von 7 1 2 34 Letzte »
Alt 27.06.2010, 22:17   #16
Larusso
/// Selecta Jahrusso
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Schritt 1

Temp File Cleaner

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Schritt 2

Bitte
  • alle anderen Scanner gegen Viren, Spyware, usw. deaktiviert sein,
  • keine Verbindung zu einem Netzwerk/Internet bestehen (WLAN nicht vergessen),
  • nichts am Rechner getan werden,
  • nach jedem Scan der Rechner neu gestartet werden.
Gmer scannen lassen
  • Lade Dir Gmer von dieser Seite herunter
    (auf den Button Download EXE drücken) und das Programm auf dem Desktop speichern.
  • Alle anderen Programme sollen geschlossen sein.
  • Starte gmer.exe (Programm hat einen willkürlichen Programm-Namen).
  • Entferne rechts den Haken bei
    • Sections
    • IAT/EAT
    • Alle Festplatten ausser die Systemplatte (normalerweise ist nur C:\ angehackt)
    • Show all (sollte abgehackt sein)
  • Vista-User mit Rechtsklick und als Administrator starten.
  • Sollte sich ein Fenster mit folgender Warnung öffnen:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Unbedingt auf "No" klicken.
  • Starte den Scan mit "Scan". Mache nichts am Computer während der Scan läuft.
  • Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.
Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!


Schritt 3

Starte bitte OTL.exe und klicke auf den Quick Scan Button.


Bitte poste in Deiner nächsten Antwort
Gmer.txt
OTL.txt
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Geändert von Larusso (27.06.2010 um 22:22 Uhr)

Alt 28.06.2010, 07:43   #17
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


zHallo
wie lage soll day denn dauern.

Habe erst TFC dann GMER das ging relativ schnell
HABE das Protokoll gespeichert und OTtL gestartet.
Der pc arbeotet nun seit sieben Stunden
sollte ich otl quick mit oder ohne code von larusso starten?
__________________
Alt 28.06.2010, 07:45   #18
Larusso
/// Selecta Jahrusso
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Mit dem Handy Online ?

Hast Du den PC neu gestartet nach dem GMER Scan ?
Und es steht nichts von nem Code oder sonst was.
__________________
__________________
Alt 28.06.2010, 08:01   #19
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


handy online ja

neustart nach tfc nicht nach gmer

Ganz unten steht" Getting User Info..."
Sonst ist nichts zu sehen. Hatte noch lop prüfung und purity prüfung mit an.
Online muss ich aber nicht für otl gehen?

Alt 28.06.2010, 08:04   #20
Larusso
/// Selecta Jahrusso
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


ne musst du nicht.
Und steht nicht in der GMER Anweisung den PC neu starten?

Es hat alles seinen Grund

Brich OTL.exe ab, starte den PC neu und starte OTL erneut

__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Alt 28.06.2010, 08:18   #21
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Ist das peinlich Tut mir leid... Hier nun die Protokolle OTL:

OTL logfile created on: 28.06.2010 09:11:22 - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Dokumente und Einstellungen\Norman\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 70,17 Gb Total Space | 4,36 Gb Free Space | 6,21% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 111,79 Gb Total Space | 65,62 Gb Free Space | 58,70% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TEST
Current User Name: Norman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.06.27 18:38:48 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Norman\Desktop\OTL.exe
PRC - [2010.04.03 22:32:35 | 000,038,840 | ---- | M] (Adobe Systems Incorporated) -- E:\Programme\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2010.04.03 16:44:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- E:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.01.18 15:41:50 | 000,063,928 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2009.12.21 18:49:44 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2009.11.24 13:51:18 | 000,176,056 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2009.11.18 14:04:18 | 000,038,248 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2009.10.01 16:14:30 | 000,144,752 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe
PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.06.12 10:55:48 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Programme\Lenovo\System Update\SUService.exe
PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.16 13:41:28 | 000,053,248 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2009.04.14 19:51:38 | 000,015,136 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\tpfnf6r.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.02.02 20:16:48 | 000,181,536 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TpShocks.exe
PRC - [2009.01.29 03:10:00 | 000,185,688 | ---- | M] (Lenovo Group Limited) -- C:\Programme\ThinkVantage\PrdCtr\LPMGR.EXE
PRC - [2009.01.29 03:10:00 | 000,124,248 | ---- | M] (Lenovo Group Limited) -- C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE
PRC - [2009.01.28 17:59:12 | 000,039,976 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2008.10.27 11:03:52 | 000,090,112 | ---- | M] (Lenovo ) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
PRC - [2008.10.27 11:03:32 | 000,135,168 | ---- | M] (Lenovo ) -- C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
PRC - [2008.10.27 11:02:30 | 000,217,088 | ---- | M] (Lenovo ) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe
PRC - [2008.10.27 10:56:38 | 000,143,360 | ---- | M] (Lenovo ) -- C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe
PRC - [2008.07.04 00:17:00 | 000,118,784 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2008.06.05 02:36:00 | 000,242,976 | ---- | M] (Lenovo Group Ltd.) -- C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE
PRC - [2008.04.14 04:22:49 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.26 03:06:00 | 000,059,680 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe
PRC - [2008.03.04 10:34:20 | 000,487,424 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe
PRC - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe
PRC - [2007.11.26 16:58:10 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe
PRC - [2007.11.26 16:58:08 | 000,264,800 | ---- | M] (Broadcom Corporation.) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe
PRC - [2007.09.26 18:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2007.09.06 13:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007.02.02 03:00:02 | 000,419,376 | ---- | M] (LENOVO) -- C:\Programme\ThinkVantage\AMSG\Amsg.exe
PRC - [2006.08.16 19:07:00 | 000,073,728 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\IPSSVC.EXE
PRC - [2006.08.16 19:07:00 | 000,069,632 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\AwayTask\AwaySch.EXE
PRC - [2006.07.14 18:13:14 | 002,341,632 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Client Security Solution\cssauth.exe
PRC - [2006.07.14 18:01:00 | 001,974,272 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe
PRC - [2006.07.14 17:42:22 | 000,723,712 | ---- | M] (IBM) -- C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe
PRC - [2006.07.14 17:36:00 | 000,022,016 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe
PRC - [2006.07.14 15:52:48 | 000,045,056 | ---- | M] () -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe
PRC - [2006.07.04 03:05:00 | 000,229,376 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.exe
PRC - [2006.05.23 21:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2006.05.18 16:24:06 | 000,196,696 | ---- | M] (Diskeeper Corporation) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe
PRC - [2006.03.16 01:07:06 | 000,421,888 | ---- | M] (Google Inc.) -- C:\Programme\Picasa2\PicasaMediaDetector.exe
PRC - [2006.03.13 16:38:56 | 000,041,472 | R--- | M] (Utimaco Safeware AG) -- C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe
PRC - [2006.02.02 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005.06.06 21:26:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\system32\TpKmpSvc.exe
PRC - [2005.05.20 02:11:06 | 000,925,696 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\Core\smax4pnp.exe
PRC - [2004.07.27 16:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\Installshield\UpdateService\issch.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2003.04.06 01:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003.04.06 00:55:04 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003.04.06 00:45:10 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
PRC - [2003.04.06 00:37:38 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hposol08.exe


========== Modules (SafeList) ==========

MOD - [2010.06.27 18:38:48 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Norman\Desktop\OTL.exe
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.11.26 16:55:46 | 000,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2006.08.16 19:07:00 | 000,086,016 | ---- | M] (Lenovo Group Limited) -- C:\WINDOWS\system32\PROCHLP.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (XAMPP)
SRV - [2010.01.18 15:41:50 | 000,063,928 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2009.11.18 14:04:18 | 000,038,248 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2009.11.17 18:06:02 | 000,044,984 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.06.12 10:55:48 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Programme\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.04.16 13:41:28 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2009.01.28 17:59:12 | 000,039,976 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2009.01.02 20:51:22 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.11.04 11:48:10 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008.10.27 11:03:52 | 000,090,112 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2008.10.27 11:02:30 | 000,217,088 | ---- | M] (Lenovo ) [Auto | Running] -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2008.04.14 04:22:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008.04.14 04:22:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008.04.14 04:22:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008.03.04 10:34:12 | 001,122,304 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2007.11.26 16:58:08 | 000,264,800 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2007.09.26 18:34:46 | 000,644,408 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2007.09.07 19:07:22 | 000,023,552 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psasrv.exe -- (PsaSrv)
SRV - [2007.09.06 13:28:18 | 000,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006.08.16 19:07:00 | 000,073,728 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\WINDOWS\system32\IPSSVC.EXE -- (IPSSVC)
SRV - [2006.07.14 18:01:00 | 001,974,272 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2006.07.14 17:42:22 | 000,723,712 | ---- | M] (IBM) [Auto | Running] -- C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe -- (TSSCoreService)
SRV - [2006.07.14 15:52:48 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe -- (tvtnetwk)
SRV - [2006.05.23 21:08:06 | 000,622,700 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2005.10.06 18:13:10 | 000,856,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)
SRV - [2005.06.06 21:26:22 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\TpKmpSvc.exe -- (TpKmpSVC)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2003.03.09 22:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2010.06.27 00:00:00 | 000,005,427 | ---- | M] (IBM Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\EGATHDRV.SYS -- (EGATHDRV)
DRV - [2010.06.09 11:26:50 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.04.27 04:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010.04.27 04:25:20 | 000,100,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssceserd.sys -- (ssceserd) SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM)
DRV - [2010.04.27 04:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010.04.27 04:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2009.12.11 10:17:48 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.18 14:03:36 | 000,026,608 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2009.07.12 09:40:48 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2009.06.18 01:59:58 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.11 17:11:50 | 000,329,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2009.01.28 17:58:46 | 000,117,800 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2009.01.28 17:57:12 | 000,020,520 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2009.01.03 12:12:57 | 000,073,312 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2009.01.02 15:31:46 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2008.12.09 00:53:58 | 000,050,832 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2008.11.11 01:52:08 | 003,301,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.10.24 14:33:00 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2008.10.24 14:33:00 | 000,004,224 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2008.07.03 23:53:00 | 000,225,664 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2008.05.12 22:14:14 | 000,017,844 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPHKDRV.sys -- (TPHKDRV)
DRV - [2008.05.12 18:04:02 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2008.04.13 20:54:36 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2008.04.13 20:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008.04.13 20:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.26 03:06:00 | 000,004,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2007.11.27 16:40:00 | 000,539,512 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007.11.27 16:40:00 | 000,074,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007.11.21 11:51:00 | 000,879,624 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007.11.01 16:26:36 | 000,989,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.11.01 16:25:32 | 000,211,456 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.11.01 16:25:22 | 000,731,520 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007.09.07 19:06:32 | 000,007,012 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pmemnt.sys -- (pmem)
DRV - [2007.06.29 12:38:00 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007.06.21 04:43:26 | 002,208,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007.03.23 10:50:00 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.11.28 23:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDNMp50.sys -- (PDNMp50)
DRV - [2006.11.28 23:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PDNSp50.sys -- (PDNSp50)
DRV - [2006.10.02 01:55:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SMAPINT.SYS -- (Smapint)
DRV - [2006.10.02 01:55:00 | 000,009,343 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS -- (TDSMAPI)
DRV - [2006.09.27 02:36:24 | 001,709,696 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Intel(R)
DRV - [2006.08.16 19:07:00 | 000,005,120 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006.07.14 17:27:22 | 000,012,544 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtfilter.sys -- (tvtfilter)
DRV - [2006.07.14 17:03:04 | 000,017,664 | ---- | M] (Lenovo Group Limited) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys -- (TVTPktFilter)
DRV - [2006.07.14 15:55:12 | 000,003,968 | ---- | M] (IBM Corp.) [Kernel | Auto | Running] -- C:\Programme\SMI2\smi2.sys -- (smi2)
DRV - [2006.03.13 16:05:54 | 000,058,368 | R--- | M] (Utimaco Safeware AG) [Kernel | Auto | Running] -- C:\Programme\Lenovo\SafeGuard PrivateDisk\privatediskm.sys -- (PrivateDisk)
DRV - [2006.03.01 03:30:00 | 000,089,472 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006.02.02 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006.02.02 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006.02.02 05:20:00 | 000,086,652 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006.02.02 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006.02.02 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006.02.02 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006.02.02 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2006.01.31 04:19:34 | 000,176,128 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005.12.06 04:20:48 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hsxhwazl.sys -- (HSXHWAZL)
DRV - [2005.11.18 12:02:50 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005.11.18 12:02:10 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005.11.18 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005.05.17 10:20:08 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)
DRV - [2004.11.30 16:38:24 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2004.08.03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003.09.10 23:36:54 | 000,021,060 | ---- | M] (InterVideo, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iviaspi.sys -- (Iviaspi)
DRV - [2001.08.18 14:22:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.08.18 05:33:12 | 000,322,432 | ---- | M] (Matrox Graphics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\G400m.sys -- (G400)
DRV - [2001.08.18 00:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.18 00:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.18 00:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.18 00:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.18 00:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 23:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 23:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 23:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 23:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 23:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 23:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 23:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 23:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 23:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001.08.17 14:48:14 | 000,011,520 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TwoTrack.sys -- (TwoTrack)
DRV - [2001.08.17 13:20:04 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ac97intc.sys -- (ac97intc) Intel(r) 82801 Audiotreiber-Installationsdienst (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..network.proxy.http: "hxxp://1.1.1.1/http.de.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:defficial"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.06.27 09:12:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.06.27 09:12:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.04.04 10:21:49 | 000,000,000 | ---D | M]

[2010.04.02 11:12:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Extensions
[2010.04.02 11:12:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.06.27 10:11:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions
[2010.06.13 23:28:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.04.24 17:02:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\{34ea1c70-42cc-42c5-aa29-ec58b95a343e}
[2010.02.05 22:34:39 | 000,000,000 | ---D | M] (IE View) -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2010.04.11 23:11:29 | 000,000,000 | ---D | M] (LeechBlock) -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
[2009.07.01 21:20:27 | 000,000,000 | ---D | M] (Web Developer) -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009.04.24 17:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010.02.15 08:32:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2008.07.31 20:49:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\de-DE-comb@dictionaries.addons.mozilla.org
[2009.10.08 09:29:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\en-US@dictionaries.addons.mozilla.org
[2009.04.24 17:01:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\extensions\SQLiteManager@mrinalkant.blogspot(2).com
[2010.04.09 10:15:28 | 000,002,433 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Mozilla\Firefox\Profiles\z9ur2adu.default\searchplugins\ixquickde-https.xml
[2010.06.27 12:05:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.27 10:34:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.27 10:34:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.26 10:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 10:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.26 10:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.26 10:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.26 10:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

Alt 28.06.2010, 08:19   #22
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll OTL Teil 2:

O1 HOSTS File: ([2010.06.27 18:01:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Programme\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] E:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] E:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMSG] C:\Programme\ThinkVantage\AMSG\Amsg.exe (LENOVO)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [cssauth] C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [EZEJMNAP] C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LENOVO.TPFNF6R] C:\Programme\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [LPManager] C:\Programme\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [PDService.exe] C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TP4EX] C:\WINDOWS\System32\TP4EX.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPFNF7] C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\hpoddt01.exe.lnk = C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\officejet 6100.lnk = C:\Programme\Hewlett-Packard\Digital Imaging\bin\hposol08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\sipgate X-Lite.lnk = C:\Programme\sipgate X-Lite\sipgateXLite.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 475
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Windows Live Search - C:\Programme\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230902201937 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\haufereader {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll (Haufe Mediengruppe)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\AwayNotify: DllName - C:\Programme\Lenovo\AwayTask\AwayNotify.dll - C:\Programme\Lenovo\AwayTask\AwayNotify.dll (Lenovo Group Limited)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\psfus: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\1400_1050 Think EMEA Map.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.01.27 04:18:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.06.11 18:07:58 | 000,000,000 | ---D | M] - E:\Automobilia -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010.06.27 23:43:52 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Norman\Desktop\TFC.exe
[2010.06.27 19:33:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.06.27 19:33:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.06.27 19:29:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2010.06.27 19:29:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2010.06.27 19:29:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2010.06.27 19:29:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2010.06.27 19:27:59 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.06.27 19:27:53 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MicroWorld
[2010.06.27 19:27:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MicroWorld
[2010.06.27 19:23:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Download Manager
[2010.06.27 18:39:02 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Norman\Desktop\OTL.exe
[2010.06.27 18:32:53 | 166,440,096 | ---- | C] (G Data Software AG) -- C:\Dokumente und Einstellungen\Norman\Eigene Dateien\GER_R_ESD_IS.exe
[2010.06.27 18:24:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.06.27 18:10:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.06.27 17:47:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.06.27 17:47:41 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.06.27 17:47:41 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.06.27 17:47:41 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.06.27 17:47:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.06.27 17:44:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.06.27 17:40:29 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.27 17:28:32 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Norman\Recent
[2010.06.27 13:37:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.06.27 12:12:58 | 036,598,544 | ---- | C] (PC Tools ) -- C:\Dokumente und Einstellungen\Norman\Desktop\sdsetup.exe
[2010.06.27 10:22:00 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.06.27 09:52:44 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.06.27 09:51:21 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Norman\Desktop\HJTInstall.exe
[2010.06.26 15:33:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Malwarebytes
[2010.06.26 15:33:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.06.26 15:33:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.06.26 15:33:05 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.06.26 15:33:05 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.26 14:37:19 | 001,870,056 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Norman\Desktop\HousecallLauncher.exe
[2010.06.26 14:08:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.06.26 11:25:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.06.26 11:01:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.06.26 10:33:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2010.06.18 08:36:31 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft ActiveSync
[2010.06.17 17:04:08 | 000,100,352 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssceserd.sys
[2010.06.17 17:04:07 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscemdm.sys
[2010.06.17 17:04:07 | 000,098,560 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscebus.sys
[2010.06.17 17:04:07 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscemdfl.sys
[2010.06.17 17:04:07 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscecmnt.sys
[2010.06.17 17:04:07 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscecm.sys
[2010.06.17 17:04:07 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscewhnt.sys
[2010.06.17 17:04:07 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscewh.sys
[2010.06.17 16:32:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Eigene Dateien\SelfMV
[2010.06.17 12:23:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Lokale Einstellungen\Anwendungsdaten\PCHealth
[2010.06.14 14:34:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Eigene Dateien\Galileo Press
[2010.06.09 10:53:28 | 000,000,000 | ---D | C] -- C:\Programme\MyFree Codec
[2010.06.04 10:06:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2010.05.27 23:05:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.05.27 23:05:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\PC Suite
[2010.05.27 23:05:20 | 000,233,472 | ---- | C] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
[2010.05.27 23:04:10 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2010.05.27 23:04:09 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010.05.27 23:02:54 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2010.05.27 23:02:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Samsung
[2010.05.27 23:02:15 | 000,000,000 | ---D | C] -- C:\Programme\Common Files
[2010.05.27 23:02:14 | 000,000,000 | ---D | C] -- C:\Programme\MarkAny
[2010.05.27 22:54:49 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Samsung
[2010.05.22 09:49:07 | 000,000,000 | ---D | C] -- C:\Programme\eBay
[2010.05.22 09:49:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\eBay
[2010.05.20 07:07:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Update
[2010.04.23 16:59:54 | 001,044,480 | R--- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\roboex32.dll
[2010.04.23 16:59:54 | 000,049,152 | R--- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\inetwh32.dll
[2010.04.05 08:11:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\elsterformular
[2010.04.02 12:30:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Norman\Lokale Einstellungen\Anwendungsdaten\Thunderbird

========== Files - Modified Within 90 Days ==========

[2010.06.28 09:10:35 | 000,010,027 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2010.06.28 09:08:20 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010.06.28 09:07:39 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2010.06.28 09:07:21 | 000,000,248 | ---- | M] () -- C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2010.06.28 09:07:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.28 09:07:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.28 09:07:00 | 000,045,668 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2010.06.28 09:06:54 | 3219,574,784 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.28 00:06:00 | 015,466,496 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\ntuser.dat
[2010.06.28 00:05:38 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Norman\ntuser.ini
[2010.06.27 23:43:48 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Norman\Desktop\TFC.exe
[2010.06.27 23:36:24 | 006,456,900 | -H-- | M] () -- C:\Dokumente und Einstellungen\Norman\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.06.27 23:21:52 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\qbron9eb.exe
[2010.06.27 23:18:53 | 000,001,516 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Eigene Dateien\pinfect.zip
[2010.06.27 19:30:55 | 000,000,053 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.06.27 19:27:58 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2010.06.27 19:24:58 | 086,349,632 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\mwav.exe
[2010.06.27 18:38:48 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Norman\Desktop\OTL.exe
[2010.06.27 18:35:09 | 166,440,096 | ---- | M] (G Data Software AG) -- C:\Dokumente und Einstellungen\Norman\Eigene Dateien\GER_R_ESD_IS.exe
[2010.06.27 18:01:51 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.27 18:01:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.27 17:29:48 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\cc_20100627_172942.reg
[2010.06.27 16:01:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp officejet 6100 series#1190378331.job
[2010.06.27 13:56:11 | 000,027,804 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\cc_20100627_135544.reg
[2010.06.27 12:13:18 | 036,598,544 | ---- | M] (PC Tools ) -- C:\Dokumente und Einstellungen\Norman\Desktop\sdsetup.exe
[2010.06.27 12:09:29 | 000,824,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\RSIT.exe
[2010.06.27 10:22:05 | 000,000,661 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\CCleaner.lnk
[2010.06.27 10:07:18 | 003,721,252 | R--- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\ComboFix.exe
[2010.06.27 09:52:44 | 000,001,705 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\HijackThis.lnk
[2010.06.27 09:51:03 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Norman\Desktop\HJTInstall.exe
[2010.06.27 09:12:23 | 000,001,573 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2010.06.27 09:06:02 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.27 08:39:07 | 002,672,312 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\esetsmartinstaller_enu.exe
[2010.06.27 08:36:27 | 000,000,727 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Eusing Free Registry Cleaner.lnk
[2010.06.26 19:57:59 | 000,000,512 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2010.06.26 19:57:58 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2010.06.26 15:33:11 | 000,000,683 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.26 14:37:09 | 001,870,056 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Norman\Desktop\HousecallLauncher.exe
[2010.06.26 10:29:39 | 000,409,923 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100626-131548.backup
[2010.06.26 10:10:13 | 000,000,246 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2010.06.24 20:36:35 | 010,560,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Eigene Dateien\Börge-Hendrik Spröde.QBW
[2010.06.24 20:31:43 | 000,000,494 | ---- | M] () -- C:\hpfr5550.xml
[2010.06.24 20:28:21 | 000,018,240 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-338.pdf
[2010.06.23 20:09:56 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010.06.23 19:07:21 | 000,027,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Ute Lepin-HEK.doc
[2010.06.23 18:56:34 | 000,026,624 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Ute Lepin23.doc
[2010.06.23 15:09:25 | 000,018,341 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-337.pdf
[2010.06.23 08:59:50 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2010.06.23 08:19:00 | 001,179,070 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.23 08:19:00 | 000,521,298 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.06.23 08:19:00 | 000,491,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.23 08:19:00 | 000,105,016 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.06.23 08:19:00 | 000,089,666 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.22 21:19:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.06.22 14:31:53 | 000,072,314 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Navi-z205.jpg
[2010.06.18 09:26:33 | 007,844,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\setup.msi
[2010.06.17 15:51:36 | 000,018,287 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-336.pdf
[2010.06.17 10:19:45 | 000,247,792 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Telefonbuch001.SPB
[2010.06.16 20:46:57 | 000,018,502 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-335.pdf
[2010.06.12 00:28:06 | 000,070,995 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\1000-teile.jpg
[2010.06.10 19:34:49 | 004,376,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.09 11:27:44 | 000,015,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\abrechnung.xlr
[2010.06.09 11:26:50 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
[2010.06.09 11:26:50 | 000,036,608 | ---- | M] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.05.30 00:27:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.05.28 12:07:28 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Home.LNK
[2010.05.28 07:08:28 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.05.27 23:03:40 | 000,002,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\$_hpcst$.hpc
[2010.05.19 18:34:20 | 000,033,570 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Transfers PB.pdf
[2010.05.18 23:27:58 | 000,017,220 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Bestellung-Samsung-Wave.pdf
[2010.05.14 10:42:43 | 000,001,458 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\IBP starten.lnk
[2010.05.07 16:53:51 | 000,148,830 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Business-Viano.pdf
[2010.05.02 16:42:55 | 000,033,792 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.01 08:51:28 | 000,110,592 | ---- | M] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.27 04:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscemdm.sys
[2010.04.27 04:25:20 | 000,100,352 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssceserd.sys
[2010.04.27 04:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscebus.sys
[2010.04.27 04:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscemdfl.sys
[2010.04.27 04:25:20 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscecmnt.sys
[2010.04.27 04:25:20 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscecm.sys
[2010.04.27 04:25:20 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscewhnt.sys
[2010.04.27 04:25:20 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscewh.sys
[2010.04.26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010.04.24 11:36:18 | 029,312,544 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\contract - invoice-1.psd
[2010.04.24 11:35:30 | 000,142,765 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\contract - in....pdf
[2010.04.23 16:59:54 | 001,044,480 | R--- | M] (eHelp Corporation.) -- C:\WINDOWS\System32\roboex32.dll
[2010.04.23 16:59:54 | 000,049,152 | R--- | M] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\inetwh32.dll
[2010.04.23 14:02:20 | 000,067,193 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Nachweis-Zustellung.pdf
[2010.04.20 21:44:43 | 000,361,459 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\HEBUX-Bestätigung.pdf
[2010.04.16 10:37:16 | 000,020,732 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Alfa-Romeo.pdf
[2010.04.05 08:10:53 | 000,000,711 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ElsterFormular.lnk
[2010.04.02 12:21:39 | 000,001,639 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Thunderbird.lnk
[2010.03.31 15:28:25 | 000,001,595 | ---- | M] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Link Popularity Check.lnk

========== Files Created - No Company Name ==========

[2010.06.27 23:22:01 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\qbron9eb.exe
[2010.06.27 23:18:53 | 000,001,516 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Eigene Dateien\pinfect.zip
[2010.06.27 19:28:25 | 000,000,053 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2010.06.27 19:27:59 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.06.27 19:23:33 | 086,349,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\mwav.exe
[2010.06.27 18:16:54 | 3219,574,784 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.27 17:47:41 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.06.27 17:47:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.06.27 17:47:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.06.27 17:47:41 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.06.27 17:47:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.06.27 17:29:45 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\cc_20100627_172942.reg
[2010.06.27 13:55:57 | 000,027,804 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\cc_20100627_135544.reg
[2010.06.27 12:09:43 | 000,824,681 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\RSIT.exe
[2010.06.27 10:22:05 | 000,000,661 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\CCleaner.lnk
[2010.06.27 10:07:17 | 003,721,252 | R--- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\ComboFix.exe
[2010.06.27 09:52:44 | 000,001,705 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\HijackThis.lnk
[2010.06.27 08:39:14 | 002,672,312 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\esetsmartinstaller_enu.exe
[2010.06.27 08:36:27 | 000,000,727 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Eusing Free Registry Cleaner.lnk
[2010.06.26 19:57:59 | 000,000,512 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2010.06.26 19:57:57 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2010.06.26 15:33:11 | 000,000,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.24 20:28:21 | 000,018,240 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-338.pdf
[2010.06.23 19:01:08 | 000,027,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Ute Lepin-HEK.doc
[2010.06.23 18:56:33 | 000,026,624 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Ute Lepin23.doc
[2010.06.23 15:09:25 | 000,018,341 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-337.pdf
[2010.06.23 08:49:26 | 010,529,280 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.06.23 08:35:28 | 000,000,074 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\log.log
[2010.06.22 14:31:52 | 000,072,314 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Navi-z205.jpg
[2010.06.18 09:50:55 | 000,247,792 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Telefonbuch001.SPB
[2010.06.18 09:26:33 | 007,844,864 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\setup.msi
[2010.06.17 15:51:36 | 000,018,287 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-336.pdf
[2010.06.16 20:46:57 | 000,018,502 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Rechnung-HEBUX-335.pdf
[2010.06.12 00:28:06 | 000,070,995 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\1000-teile.jpg
[2010.06.04 10:06:30 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2010.05.28 12:07:28 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Home.LNK
[2010.05.27 23:05:20 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.05.27 23:05:20 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.05.27 23:03:40 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\$_hpcst$.hpc
[2010.05.27 22:53:27 | 000,002,006 | ---- | C] () -- C:\aqua_bitmap.cpp
[2010.05.19 18:34:20 | 000,033,570 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Transfers PB.pdf
[2010.05.18 23:27:58 | 000,017,220 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Bestellung-Samsung-Wave.pdf
[2010.05.14 10:42:43 | 000,001,458 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\IBP starten.lnk
[2010.05.07 16:53:51 | 000,148,830 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Business-Viano.pdf
[2010.04.24 11:35:30 | 000,142,765 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\contract - in....pdf
[2010.04.23 14:02:20 | 000,067,193 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Nachweis-Zustellung.pdf
[2010.04.23 11:12:11 | 029,312,544 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\contract - invoice-1.psd
[2010.04.20 21:44:43 | 000,361,459 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\HEBUX-Bestätigung.pdf
[2010.04.16 10:37:16 | 000,020,732 | ---- | C] () -- C:\Dokumente und Einstellungen\Norman\Desktop\Alfa-Romeo.pdf
[2010.04.05 08:10:53 | 000,000,711 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ElsterFormular.lnk
[2009.10.06 09:16:00 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.01.03 17:58:29 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009.01.03 17:58:29 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2009.01.03 17:58:29 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2009.01.03 17:58:29 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009.01.03 17:58:29 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2009.01.03 17:58:29 | 000,000,021 | ---- | C] () -- C:\WINDOWS\SurCode.INI
[2008.07.04 10:02:26 | 000,000,109 | ---- | C] () -- C:\WINDOWS\Backup.INI
[2008.02.09 20:16:29 | 000,000,246 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.02.04 21:30:57 | 000,000,111 | ---- | C] () -- C:\WINDOWS\telephon.ini
[2008.01.23 14:57:20 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2008.01.23 14:57:20 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2008.01.23 14:57:19 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007.11.26 16:56:04 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.11.26 16:43:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007.11.15 21:31:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll
[2007.11.15 21:27:40 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll
[2007.11.15 21:25:28 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll
[2007.11.15 21:25:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll
[2007.10.07 13:21:17 | 000,003,325 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007.10.01 00:07:57 | 000,000,076 | ---- | C] () -- C:\WINDOWS\my.ini
[2007.09.30 09:47:10 | 000,024,222 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2007.09.30 09:47:10 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2007.09.30 09:46:41 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2007.09.30 09:46:41 | 000,016,173 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2007.09.30 09:46:40 | 000,017,590 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2007.09.08 00:42:44 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PXTToolVC7.dll
[2007.09.08 00:33:00 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.09.08 00:08:57 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2007.09.07 19:13:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.09.07 19:05:58 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2007.09.07 18:55:42 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.09.07 18:55:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.09.07 18:55:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.09.07 18:55:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.09.07 18:55:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.09.07 18:55:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007.09.07 18:47:30 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\FPCALL.dll
[2007.09.07 18:46:20 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2007.09.07 18:44:31 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2007.09.07 18:44:13 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2007.09.07 18:43:56 | 000,009,343 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2006.09.21 14:53:28 | 000,282,679 | ---- | C] () -- C:\WINDOWS\System32\dnt27.dll
[2006.09.21 14:52:24 | 000,077,882 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27.dll
[2006.09.21 14:52:14 | 000,077,881 | ---- | C] () -- C:\WINDOWS\System32\dntvm27.dll
[2006.08.17 10:00:13 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2006.08.17 10:00:09 | 000,000,487 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2006.08.03 03:27:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2006.06.14 18:26:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006.06.12 12:27:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006.01.27 19:18:01 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.01.27 19:05:14 | 000,002,963 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.11.09 12:13:48 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC7.dll
[2005.11.09 12:11:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC7.dll
[2005.11.09 12:11:30 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC7.dll
[2005.05.04 14:00:06 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\MMedia10VC7.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2003.03.09 22:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2001.12.12 12:41:36 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\W32btstp.dll
[2001.12.12 12:41:36 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\W32btxlt.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000.12.04 20:27:06 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\W32MKRC.DLL
[1999.05.14 15:05:22 | 000,015,627 | ---- | C] () -- C:\WINDOWS\System32\WBROLLRS.DLL
[1996.12.14 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996.12.14 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2008.07.31 20:48:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Backup
[2008.01.24 12:54:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2008.06.02 13:57:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eDocPrintPro
[2010.01.20 18:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ElsterFormular
[2009.05.19 22:33:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2008.07.31 21:45:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo
[2008.07.31 20:48:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2010.06.27 19:27:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MicroWorld
[2009.01.03 17:58:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Minnetonka Audio Software
[2010.05.27 23:05:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.06.26 19:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCDr
[2008.07.31 20:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2008.07.31 20:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sentinel
[2010.06.27 13:46:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.10.17 09:00:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UIB
[2010.04.14 08:15:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\becker
[2008.07.31 20:49:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\DataDesign
[2008.07.31 20:49:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\digital publishing
[2008.06.02 13:57:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\eDocPrintPro
[2010.04.05 08:11:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\elsterformular
[2010.06.26 15:03:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\IBP
[2008.07.31 20:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\InterVideo
[2008.07.31 21:45:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Lenovo
[2008.07.31 20:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Lexware
[2010.06.17 09:34:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\LPC
[2007.09.08 16:13:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Opera
[2009.12.02 23:30:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Passware
[2010.05.27 23:05:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\PC Suite
[2010.06.18 10:17:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Samsung
[2008.07.31 20:49:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\ThinkVantage
[2010.04.02 11:12:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Thunderbird
[2010.06.13 14:03:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Norman\Anwendungsdaten\Update
[2010.06.28 09:07:21 | 000,000,248 | ---- | M] () -- C:\WINDOWS\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
[2010.06.27 16:01:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp officejet 6100 series#1190378331.job
[2010.06.26 19:57:59 | 000,000,512 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2010.06.28 09:08:20 | 000,000,302 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2010.06.26 19:57:58 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
[2010.06.28 09:07:39 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMPFC5A2B2
< End of report >

Alt 28.06.2010, 08:27   #23
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll GMER Teil I:

GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-06-28 00:22:39
Windows 5.1.2600 Service Pack 3
Running: qbron9eb.exe; Driver: C:\DOKUME~1\Norman\LOKALE~1\Temp\ugtdipow.sys


---- System - GMER 1.0.15 ----

SSDT BA7B6B0E ZwCreateKey
SSDT BA7B6B04 ZwCreateThread
SSDT BA7B6B13 ZwDeleteKey
SSDT BA7B6B1D ZwDeleteValueKey
SSDT BA7B6B22 ZwLoadKey
SSDT BA7B6AF0 ZwOpenProcess
SSDT BA7B6AF5 ZwOpenThread
SSDT BA7B6B2C ZwReplaceKey
SSDT BA7B6B27 ZwRestoreKey
SSDT BA7B6B18 ZwSetValueKey
SSDT BA7B6AFF ZwTerminateProcess
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAcceptConnectPort [0x805A45F6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAccessCheck [0x805F0AD8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAccessCheckAndAuditAlarm [0x805F430E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAccessCheckByType [0x805F0B0A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAccessCheckByTypeAndAuditAlarm [0x805F4348]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAccessCheckByTypeResultList [0x805F0B40]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarm [0x805F438C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarmByHandle [0x805F43D0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAddAtom [0x806153D4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAddBootEntry [0x80616108]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAdjustGroupsToken [0x805EBEBE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAdjustPrivilegesToken [0x805EBB16]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAlertResumeThread [0x805D4B1E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAlertThread [0x805D4ACE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAllocateLocallyUniqueId [0x806159FA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAllocateUserPhysicalPages [0x805B5F62]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAllocateUuids [0x80615016]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAllocateVirtualMemory [0x805A8A80]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAreMappedFilesTheSame [0x805B0576]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwAssignProcessToJobObject [0x805D65E2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCallbackReturn [0x8050189C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCancelDeviceWakeupRequest [0x805C861C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCancelIoFile [0x80576AE6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCancelTimer [0x80538BEE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwClearEvent [0x8060E5E4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwClose [0x805BC4DC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCloseObjectAuditAlarm [0x805F4848]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCompactKeys [0x80623398]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCompareTokens [0x805F8D5C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCompleteConnectPort [0x805A4CE4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCompressKey [0x806235EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwConnectPort [0x805A4596]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwContinue [0x80544EA4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateDebugObject [0x80642132]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateDirectoryObject [0x805BE48C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateEvent [0x8060E634]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateEventPair [0x8061697E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateFile [0x80579084]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateIoCompletion [0x80578A62]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateJobObject [0x805D55A6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateJobSet [0x805D52DE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateMailslotFile [0x80579192]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateMutant [0x80616D76]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateNamedPipeFile [0x805790BE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreatePagingFile [0x805AB9B4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreatePort [0x805A50B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateProcess [0x805D11EA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateProcessEx [0x805D1134]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateProfile [0x80617196]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateSection [0x805AB38E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateSemaphore [0x80614734]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateSymbolicLinkObject [0x805C39A6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateTimer [0x80616646]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateToken [0x805F9104]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateWaitablePort [0x805A50D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDebugActiveProcess [0x8064320E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDebugContinue [0x8064335E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDelayExecution [0x80616058]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDeleteAtom [0x8061588A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDeleteFile [0x80576C2C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDeleteObjectAuditAlarm [0x805F4954]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDeviceIoControlFile [0x8057924A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDisplayString [0x806126B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDuplicateObject [0x805BDFB4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwDuplicateToken [0x805ECD6C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwEnumerateKey [0x80624014]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwEnumerateSystemEnvironmentValuesEx [0x806160FA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwEnumerateValueKey [0x8062427E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwExtendSection [0x805B3C82]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFilterToken [0x805ECF18]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFindAtom [0x8061563E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFlushBuffersFile [0x80576CF8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFlushInstructionCache [0x805B67F6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFlushKey [0x806244E8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFlushVirtualMemory [0x805AC6C8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFlushWriteBuffer [0x805B6798]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFreeUserPhysicalPages [0x805B6304]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFreeVirtualMemory [0x805B2F5E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwFsControlFile [0x8057927E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwGetContextThread [0x805D14E4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwGetDevicePowerState [0x805C863E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwGetPlugPlayEvent [0x80599116]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwGetWriteWatch [0x80521196]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwImpersonateAnonymousToken [0x805F8A50]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwImpersonateClientOfPort [0x805A5140]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwImpersonateThread [0x805D77A2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwInitializeRegistry [0x8062190A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwInitiatePowerAction [0x805C8416]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwIsProcessInJob [0x805D51A2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwIsSystemResumeAutomatic [0x805C862A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwListenPort [0x805A534C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwLoadDriver [0x8058413A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwLoadKey2 [0x806255F8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwLockFile [0x805792B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwLockProductActivationKeys [0x80612CA4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwLockRegistryKey [0x80623698]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwLockVirtualMemory [0x805B68FE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwMakePermanentObject [0x805BE282]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwMakeTemporaryObject [0x805BC580]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwMapUserPhysicalPages [0x805B53C2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwMapUserPhysicalPagesScatter [0x805B5912]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwMapViewOfSection [0x805B1FE6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwNotifyChangeDirectoryFile [0x80579ECA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwNotifyChangeKey [0x806259B6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwNotifyChangeMultipleKeys [0x806245EA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenDirectoryObject [0x805BE55E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenEvent [0x8060E734]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenEventPair [0x80616A56]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenFile [0x8057A182]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenIoCompletion [0x80578B3A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenJobObject [0x805D572C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenKey [0x80624BA6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenMutant [0x80616E4E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenObjectAuditAlarm [0x805F4416]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenProcessToken [0x805ED706]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenProcessTokenEx [0x805ED36A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenSection [0x805AA3B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenSemaphore [0x8061482E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenSymbolicLinkObject [0x805C3B8C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenThreadToken [0x805ED724]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenThreadTokenEx [0x805ED4DA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenTimer [0x80616768]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwPlugPlayControl [0x80645400]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwPowerInformation [0x805C94AC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwPrivilegeCheck [0x805F7B02]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwPrivilegeObjectAuditAlarm [0x805F3728]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwPrivilegedServiceAuditAlarm [0x805F3914]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwProtectVirtualMemory [0x805B83CA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwPulseEvent [0x8060E7EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryAttributesFile [0x80576ED6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryDebugFilterState [0x8053FBD6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryDefaultLocale [0x806103DE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryDefaultUILanguage [0x8061103E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryDirectoryFile [0x80579E64]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryDirectoryObject [0x805BE5FE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryEaFile [0x8057A1B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryEvent [0x8060E8B4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryFullAttributesFile [0x8057702A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInformationAtom [0x806158B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInformationFile [0x8057AA1E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInformationJobObject [0x805D5BFE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInformationPort [0x805A53AA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInformationProcess [0x805CCF4E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInformationThread [0x805CBB7C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInformationToken [0x805ED804]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryInstallUILanguage [0x806107DC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryIntervalProfile [0x80617618]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryIoCompletion [0x80578BE2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryKey [0x80624EE8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryMultipleValueKey [0x80622916]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryMutant [0x80616EF6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryObject [0x805C5278]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryOpenSubKeys [0x80622FC2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryPerformanceCounter [0x806176A6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryQuotaInformationFile [0x8057B800]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySection [0x805B858C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySecurityObject [0x805C0046]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySemaphore [0x806148E6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySymbolicLinkObject [0x805C3C2C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySystemEnvironmentValue [0x80616124]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySystemEnvironmentValueEx [0x806160EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySystemInformation [0x806110BE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQuerySystemTime [0x8061287E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryTimer [0x80616820]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryTimerResolution [0x80612910]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryValueKey [0x806219EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryVirtualMemory [0x805B8C1A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueryVolumeInformationFile [0x8057BCEA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwQueueApcThread [0x805D1230]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRaiseException [0x80544EEC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRaiseHardError [0x80614558]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReadFile [0x8057C48A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReadFileScatter [0x8057C9F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReadRequestData [0x805A5E32]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReadVirtualMemory [0x805B426E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRegisterThreadTerminatePort [0x805D2738]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReleaseMutant [0x8061702E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReleaseSemaphore [0x80614A16]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRemoveIoCompletion [0x80578EDA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRemoveProcessDebug [0x806432DE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRenameKey [0x806231EA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReplyPort [0x805A54B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReplyWaitReceivePort [0x805A647A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReplyWaitReceivePortEx [0x805A5E82]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReplyWaitReplyPort [0x805A579C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRequestDeviceWakeup [0x805C85AE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRequestPort [0x805A2A10]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRequestWaitReplyPort [0x805A2D3C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwRequestWakeupLatency [0x805C83BC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwResetEvent [0x8060E9C6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwResetWriteWatch [0x8052167E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwResumeProcess [0x805D4A78]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwResumeThread [0x805D495A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSaveKey [0x806252A4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSaveKeyEx [0x8062538A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSaveMergedKeys [0x806254B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSecureConnectPort [0x805A3D2A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetContextThread [0x805D16F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetDebugFilterState [0x80645F96]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetDefaultHardErrorPort [0x80614402]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetDefaultLocale [0x8061052E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetDefaultUILanguage [0x80610DA0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetEaFile [0x8057A6C6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetEvent [0x8060EA86]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetEventBoostPriority [0x8060EB50]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetHighEventPair [0x80616D12]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetHighWaitLowEventPair [0x80616C42]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationDebugObject [0x80642CA8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationFile [0x8057B010]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationJobObject [0x805D690C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationKey [0x806224E2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationObject [0x805C47EE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationProcess [0x805CDE44]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationThread [0x805CC0C8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetInformationToken [0x805F9E7E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetIntervalProfile [0x8061717A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetIoCompletion [0x80578E78]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetLdtEntries [0x805D38A4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetLowEventPair [0x80616CAE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetLowWaitHighEventPair [0x80616BD6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetQuotaInformationFile [0x8057B7DE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetSecurityObject [0x805C05DA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetSystemEnvironmentValue [0x806163A8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetSystemInformation [0x8060F3EC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetSystemPowerState [0x80652E18]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetSystemTime [0x80613B86]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetThreadExecutionState [0x805C82D0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetTimer [0x80538D7E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetTimerResolution [0x80613058]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetUuidSeed [0x80614ECC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSetVolumeInformationFile [0x8057C0F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwShutdownSystem [0x80612676]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSignalAndWaitForSingleObject [0x80526774]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwStartProfile [0x806173C4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwStopProfile [0x8061756E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSuspendProcess [0x805D4A22]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSuspendThread [0x805D4894]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwSystemDebugControl [0x80617792]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwTerminateJobObject [0x805D74A0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwTerminateThread [0x805D2B7C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwTestAlert [0x805D4BE2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwTraceEvent [0x80535114]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwTranslateFilePath [0x80616116]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwUnloadDriver [0x805842CE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwUnloadKey [0x80622064]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwUnloadKeyEx [0x80622286]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwUnlockFile [0x80579656]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwUnlockVirtualMemory [0x805B6E8C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwUnmapViewOfSection [0x805B2DF4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwVdmControl [0x805FB236]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWaitForDebugEvent [0x80642A10]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWaitForMultipleObjects [0x805C0790]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWaitForSingleObject [0x805C06A6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWaitHighEventPair [0x80616B72]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWaitLowEventPair [0x80616B0E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWriteFile [0x8057CEF2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWriteFileGather [0x8057D4D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWriteRequestData [0x805A5E5A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWriteVirtualMemory [0x805B4378]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwYieldExecution [0x80504AF4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwCreateKeyedEvent [0x80617BEA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwOpenKeyedEvent [0x80617CD4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwReleaseKeyedEvent [0x80617D86]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) ZwWaitForKeyedEvent [0x80617FE2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)

Alt 28.06.2010, 08:28   #24
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll GMER Teil II:

INT 0x00 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805421C0
INT 0x01 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054233C
INT 0x03 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80542750
INT 0x04 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805428D0
INT 0x05 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80542A30
INT 0x06 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80542BA4
INT 0x07 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054321C
INT 0x09 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80543620
INT 0x0A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80543740
INT 0x0B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80543880
INT 0x0C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80543AE0
INT 0x0D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80543DCC
INT 0x0E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805444E0
INT 0x0F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x10 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544938
INT 0x11 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544A74
INT 0x12 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x13 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544BDC
INT 0x14 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x15 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x16 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x17 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x18 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x19 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x1A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x1B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x1C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x1D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x1E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x1F \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E710C
INT 0x2A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805419EE
INT 0x2B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541AF0
INT 0x2C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541CA0
INT 0x2D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054262C
INT 0x2E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541471
INT 0x2F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80544818
INT 0x30 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B30
INT 0x31 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B3A
INT 0x32 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B44
INT 0x33 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B4E
INT 0x34 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B58
INT 0x35 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B62
INT 0x36 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B6C
INT 0x37 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6864
INT 0x38 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B80
INT 0x39 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B8A
INT 0x3A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B94
INT 0x3B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540B9E
INT 0x3C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540BA8
INT 0x3D \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7E2C
INT 0x3E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540BBC
INT 0x3F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540BC6
INT 0x40 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540BD0
INT 0x41 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7C88
INT 0x42 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540BE4
INT 0x43 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540BEE
INT 0x44 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540BF8
INT 0x45 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C02
INT 0x46 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C0C
INT 0x47 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C16
INT 0x48 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C20
INT 0x49 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C2A
INT 0x4A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C34
INT 0x4B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C3E
INT 0x4C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C48
INT 0x4D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C52
INT 0x4E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C5C
INT 0x4F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C66
INT 0x50 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E693C
INT 0x51 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C7A
INT 0x52 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C84
INT 0x53 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C8E
INT 0x54 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540C98
INT 0x55 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CA2
INT 0x56 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CAC
INT 0x57 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CB6
INT 0x58 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CC0
INT 0x59 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CCA
INT 0x5A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CD4
INT 0x5B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CDE
INT 0x5C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CE8
INT 0x5D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CF2
INT 0x5E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540CFC
INT 0x5F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D06
INT 0x60 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D10
INT 0x61 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D1A
INT 0x62 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9EF167E
INT 0x63 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D2E
INT 0x64 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D38
INT 0x65 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D42
INT 0x66 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D4C
INT 0x67 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D56
INT 0x68 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D60
INT 0x69 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D6A
INT 0x6A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D74
INT 0x6B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D7E
INT 0x6C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D88
INT 0x6D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D92
INT 0x6E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540D9C
INT 0x6F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DA6
INT 0x70 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DB0
INT 0x71 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DBA
INT 0x72 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DC4
INT 0x73 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DCE
INT 0x74 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B93F4E54
INT 0x75 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DE2
INT 0x76 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DEC
INT 0x77 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540DF6
INT 0x78 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E00
INT 0x79 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E0A
INT 0x7A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E14
INT 0x7B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E1E
INT 0x7C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E28
INT 0x7D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E32
INT 0x7E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E3C
INT 0x7F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E46
INT 0x80 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E50
INT 0x81 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E5A
INT 0x82 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E64
INT 0x83 pcmcia.sys (PCMCIA-Treiber/Microsoft Corporation) B9F4A046
INT 0x83 iaStor.sys (Intel Matrix Storage Manager driver - ia32/Intel Corporation) B9E55264
INT 0x83 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) B9680CB8
INT 0x83 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation) B9CFDE10
INT 0x83 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B93F4E54
INT 0x83 pcmcia.sys (PCMCIA-Treiber/Microsoft Corporation) B9F4A046
INT 0x84 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B93F4E54
INT 0x85 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E82
INT 0x86 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E8C
INT 0x87 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540E96
INT 0x88 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EA0
INT 0x89 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EAA
INT 0x8A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EB4
INT 0x8B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EBE
INT 0x8C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EC8
INT 0x8D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540ED2
INT 0x8E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EDC
INT 0x8F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EE6
INT 0x90 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EF0
INT 0x91 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540EFA
INT 0x92 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F04
INT 0x93 \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042-Anschlusstreiber/Microsoft Corporation) BA248495
INT 0x94 \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) B9659DFC
INT 0x94 NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation) B9CFDE10
INT 0x94 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B93F4E54
INT 0x94 \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) B9659DFC
INT 0x95 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F22
INT 0x96 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F2C
INT 0x97 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F36
INT 0x98 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F40
INT 0x99 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F4A
INT 0x9A \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F54
INT 0x9B \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F5E
INT 0x9C \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F68
INT 0x9D \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F72
INT 0x9E \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F7C
INT 0x9F \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F86
INT 0xA0 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F90
INT 0xA1 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540F9A
INT 0xA2 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FA4
INT 0xA3 \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042-Anschlusstreiber/Microsoft Corporation) BA24FC90
INT 0xA4 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FB8
INT 0xA5 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FC2
INT 0xA6 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FCC
INT 0xA7 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FD6
INT 0xA8 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FE0
INT 0xA9 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FEA
INT 0xAA \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FF4
INT 0xAB \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80540FFE
INT 0xAC \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541008
INT 0xAD \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541012
INT 0xAE \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054101C
INT 0xAF \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541026
INT 0xB0 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541030
INT 0xB1 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation) B9F8331E
INT 0xB2 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541044
INT 0xB3 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054104E
INT 0xB4 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541058
INT 0xB5 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541062
INT 0xB6 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054106C
INT 0xB7 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541076
INT 0xB8 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541080
INT 0xB9 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054108A
INT 0xBA \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541094
INT 0xBB \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054109E
INT 0xBC \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410A8
INT 0xBD \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410B2
INT 0xBE \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410BC
INT 0xBF \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410C6
INT 0xC0 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410D0
INT 0xC1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6AC0
INT 0xC2 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410E4
INT 0xC3 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410EE
INT 0xC4 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805410F8
INT 0xC5 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541102
INT 0xC6 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054110C
INT 0xC7 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541116
INT 0xC8 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541120
INT 0xC9 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054112A
INT 0xCA \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541134
INT 0xCB \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054113E
INT 0xCC \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541148
INT 0xCD \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541152
INT 0xCE \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054115C
INT 0xCF \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541166
INT 0xD0 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541170
INT 0xD1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E5E54
INT 0xD2 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541184
INT 0xD3 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054118E
INT 0xD4 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541198
INT 0xD5 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411A2
INT 0xD6 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411AC
INT 0xD7 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411B6
INT 0xD8 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411C0
INT 0xD9 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411CA
INT 0xDA \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411D4
INT 0xDB \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411DE
INT 0xDC \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411E8
INT 0xDD \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411F2
INT 0xDE \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805411FC
INT 0xDF \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541206
INT 0xE0 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541210
INT 0xE1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7048
INT 0xE2 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541224
INT 0xE3 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6DAC
INT 0xE4 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541238
INT 0xE5 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541242
INT 0xE6 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054124C
INT 0xE7 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541256
INT 0xE8 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541260
INT 0xE9 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054126A
INT 0xEA \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541274
INT 0xEB \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 8054127E
INT 0xEC \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541288
INT 0xED \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541292
INT 0xEE \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541299
INT 0xEF \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412A0
INT 0xF0 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412A7
INT 0xF1 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412AE
INT 0xF2 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412B5
INT 0xF3 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412BC
INT 0xF4 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412C3
INT 0xF5 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412CA
INT 0xF6 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412D1
INT 0xF7 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412D8
INT 0xF8 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412DF
INT 0xF9 \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412E6
INT 0xFA \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412ED
INT 0xFB \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412F4
INT 0xFC \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 805412FB
INT 0xFD \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E75A8
INT 0xFE \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E7748
INT 0xFF \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 80541310

SYSENTER \WINDOWS\system32\ntkrnlpa.exe

Alt 28.06.2010, 08:28   #25
Larusso
/// Selecta Jahrusso
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Braucht nichts peinlich zu sein.

Zwischenfrage. Kommt die Virenmeldung mit den verschiedenen .tmp Ordnern noch ?
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie
Alt 28.06.2010, 08:31   #26
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll GMER Teil 3:
ZwQueryPortInformationProcess [0x805CB8FC]

80541540
---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)

AttachedDevice \FileSystem\Ntfs \Ntfs tvtfilter.sys (Rescue and Recovery filter driver/Lenovo)

Device \FileSystem\Fastfat \FatCdrom Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \FatCdrom ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Fastfat \FatCdrom ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Mup \Dfs Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \FileSystem\DLAIFS_M \TfsCd DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\DLAIFS_M \TfsCd ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\DLAIFS_M \TfsCd ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD KSecDD.sys (Kernel Security Support Provider Interface/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\NDIS \Device\Ndis NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\WudfPf \Device\WUDFLpcDevice WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep Beep.SYS (BEEP Driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbhub \Device\0000009b usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\0000009b ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\00000032
Device \Device\00000025
Device \Device\00000019
Device \Driver\smi2 \Device\SMI2Services smi2.sys (SMI BIOS driver/IBM Corp.)
Device \Driver\smi2 \Device\SMI2Services ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\NetBIOS \Device\Netbios netbios.sys (NetBIOS interface driver/Microsoft Corporation)
Device \FileSystem\NetBIOS \Device\Netbios ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\AFS2K \Device\OAKAFSUI AFS2K.SYS (Audio File System/Oak Technology Inc.)
Device \Driver\AFS2K \Device\OAKAFSUI ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000009c ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\ACPI \Device\0000008f ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Device\00000033
Device \Device\00000026
Device \Driver\IBMPMDRV \Device\PMDRV ibmpmdrv.sys (ThinkPad Power Management Driver/Lenovo.)
Device \Driver\IBMPMDRV \Device\PMDRV ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\swenum \Device\KSENUM#00000001 swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation)
Device \Driver\swenum \Device\KSENUM#00000001 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbhub \Device\0000009d usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\0000009d ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\psadd \Device\PsaDD0 psadd.sys (SMBIOS Driver/Lenovo (United States) Inc.)
Device \Driver\psadd \Device\PsaDD0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TermDD \Device\RDP_CONSOLE0 termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Device\00000040
Device \Device\00000034
Device \Device\00000027
Device \Driver\Tcpip \Device\Ip tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\swenum \Device\KSENUM#00000002 swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation)
Device \Driver\swenum \Device\KSENUM#00000002 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass0 kbdclass.sys (Tastaturklassentreiber/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\Fips \Device\Fips Fips.SYS (FIPS-Verschlüsselungstreiber/Microsoft Corporation)
Device \Driver\Fips \Device\Fips ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\Video0
Device \Driver\avgio \Device\avgio avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH)
Device \Driver\ACPI \Device\0000009e ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\TermDD \Device\RDP_CONSOLE1 termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Device\00000041
Device \Device\00000035
Device \Device\00000028
Device \Driver\WudfPf \Device\ProcessManagement WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation)
Device \Device\Video1
Device \Driver\usbhub \Device\0000009f usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\0000009f ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\00000042
Device \Device\00000036
Device \Device\00000029
Device \Driver\NDProxy \Device\NDProxy NDProxy.SYS (NDIS Proxy/Microsoft Corporation)
Device \Driver\NDProxy \Device\NDProxy ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass1 kbdclass.sys (Tastaturklassentreiber/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass1 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Device\0000000a
Device \Device\00000037
Device \Device\00000043
Device \Device\00000050
Device \Device\RdpDrDvMgr
Device \Driver\Mouclass \Device\PointerClass0 mouclass.sys (Mausklassentreiber/Microsoft Corporation)
Device \Driver\Mouclass \Device\PointerClass0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\Video2
Device \Device\0000000b
Device \Device\00000038
Device \Device\00000044
Device \Device\00000051
Device \Driver\Mouclass \Device\PointerClass1 mouclass.sys (Mausklassentreiber/Microsoft Corporation)
Device \Driver\Mouclass \Device\PointerClass1 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\Processor
Device \Driver\Compbatt \Device\CompositeBattery compbatt.sys (Composite Battery Driver/Microsoft Corporation)
Device \Driver\Compbatt \Device\CompositeBattery ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\Video3
Device \Driver\PROCDD \Device\ProcDD PROCDD.SYS (IPS Helper Driver/Lenovo Group Limited)
Device \Driver\PROCDD \Device\ProcDD ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\0000000c
Device \Device\00000039
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\00000045
Device \Driver\usbuhci \Device\USBPDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-1 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\Video4
Device \Driver\dmio \Device\DmControl\DmIoDaemon dmio.sys (E/A-Treiber für NT Datenträgerverwaltung/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmIoDaemon ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmConfig dmio.sys (E/A-Treiber für NT Datenträgerverwaltung/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmConfig ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmPnP dmio.sys (E/A-Treiber für NT Datenträgerverwaltung/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmPnP ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmInfo dmio.sys (E/A-Treiber für NT Datenträgerverwaltung/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmInfo ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\i
Device \Driver\ACPI_HAL \Device\00000053 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000053 hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\rdpdr \Device\RdpDrPort rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-2 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-2 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\MRxDAV \Device\WebDavRedirector mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation)
Device \FileSystem\MRxDAV \Device\WebDavRedirector ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\BTKRNL \Device\BTKRNL btkrnl.sys (Bluetooth Bus Enumerator/Broadcom Corporation.)
Device \Driver\BTKRNL \Device\BTKRNL ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\BTKRNL \Device\BTKRNL btkrnl.sys (Bluetooth Bus Enumerator/Broadcom Corporation.)
Device \Driver\PnpManager \Device\00000047 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000047 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-3 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-3 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{9253803D-A826-462C-95FB-54E6608C3F1A} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{9253803D-A826-462C-95FB-54E6608C3F1A} ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0002 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0002 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000048 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000048 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbhub \Device\000000a0 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\000000a0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-4 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBPDO-4 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\DLACDBHM \Device\sscdbhook1 DLACDBHM.SYS (Shared Driver Component/Sonic Solutions)
Device \Driver\IpNat \Device\IPNAT ipnat.sys (IP Network Address Translator/Microsoft Corporation)
Device \Driver\IpNat \Device\IPNAT ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\RasAcd \Device\RasAcd rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation)
Device \Driver\RasAcd \Device\RasAcd ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Tcpip \Device\Tcp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000049 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000049 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0010 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0010 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\i2omgmt \Device\I2OExec i2omgmt.SYS (I2O Utility Filter/Microsoft Corporation)
Device \Driver\i2omgmt \Device\I2OExec ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TcUsb \Device\000000a1 tcusb.sys (TouchChip USB Kernel Driver/UPEK Inc.)
Device \Driver\TcUsb \Device\000000a1 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-5 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-5 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TVTPktFilter \Device\{B536963E-0DF4-41DD-985D-60FC12384228} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\tvtfilter \Device\TVTFilter tvtfilter.sys (Rescue and Recovery filter driver/Lenovo)
Device \Driver\ACPI \Device\00000057 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\rdpdr \Device\RdpDr rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0011 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0011 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\ugtdipow \Device\ugtdipow ugtdipow.sys
Device \Driver\ugtdipow \Device\ugtdipow ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume1 ftdisk.sys (FT-Datenträgertreiber/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume1 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\mdmxsdk \Device\ConexantDiagnosticsServer mdmxsdk.sys (Diagnostic Interface x86 Driver/Conexant)
Device \Driver\mdmxsdk \Device\ConexantDiagnosticsServer ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000058 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\CmBatt \Device\AcAdapter0 CmBatt.sys (Control Method Battery Driver/Microsoft Corporation)
Device \Driver\CmBatt \Device\AcAdapter0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\Http\Filter
Device \Device\Http\AppPool
Device \Device\Http\Control
Device \Driver\Ftdisk \Device\HarddiskVolume2 ftdisk.sys (FT-Datenträgertreiber/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume2 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0013 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0013 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\ACPI \Device\00000065 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \FileSystem\Rdbss \Device\FsWrap rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
Device \FileSystem\Rdbss \Device\FsWrap ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TermDD \Device\Termdd termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Driver\sysaudio \Device\sysaudio ks.sys (Kernel CSA Library/Microsoft Corporation)
Device \Driver\sysaudio \Device\sysaudio ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\sysaudio \Device\sysaudio sysaudio.sys (System Audio WDM Filter/Microsoft Corporation)
Device \Driver\TVTPktFilter \Device\TVTPktFilter NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0020 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0020 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0007 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0007 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume3 ftdisk.sys (FT-Datenträgertreiber/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume3 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\iaStor \Device\Ide\iaStor0 iaStor.sys (Intel Matrix Storage Manager driver - ia32/Intel Corporation)
Device \Driver\iaStor \Device\Ide\iaStor0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel0-0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel0-0

Die Anti Vir Meldung war zwischendurch mal wieder da!

Alt 28.06.2010, 08:31   #27
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll GMER Teil 4:

Device \Device\Ide\PciIde0
Device \Driver\atmeltpm \Device\TPM0 atmeltpm.sys (Atmel TPM Driver/Atmel, Inc.)
Device \Driver\atmeltpm \Device\TPM0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000067 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\ACPIEC \Device\ACPIEC ACPIEC.sys (ACPI Embedded Controllertreiber/Microsoft Corporation)
Device \Driver\ACPIEC \Device\ACPIEC ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0015 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0015 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0008 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0008 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\PptpMiniport \Device\{AD96B222-A779-47A1-A146-0DC129E2E8A8} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000068 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\Pcmcia \Device\Pcmcia0 pcmcia.sys (PCMCIA-Treiber/Microsoft Corporation)
Device \Driver\Pcmcia \Device\Pcmcia0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PxHelp20 \Device\PxHelperDevice0 PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions)
Device \Driver\CmBatt \Device\ControlMethodBattery0 CmBatt.sys (Control Method Battery Driver/Microsoft Corporation)
Device \Driver\CmBatt \Device\ControlMethodBattery0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0009 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0009 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \FileSystem\DRVNDDM \Device\drvnddm DRVNDDM.SYS (Device Driver Manager/Sonic Solutions)
Device \FileSystem\DRVNDDM \Device\drvnddm ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000069 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0017 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0017 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\ACPI \Device\00000077 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\ACPI \Device\00000090 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0018 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0018 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\HSF_DPV \Device\HSF_MDMDevice0 HSF_DPV.sys (HSF_DP driver/Conexant Systems, Inc.)
Device \Driver\HSF_DPV \Device\HSF_MDMDevice0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003e ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003e ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TSMAPIP \Device\TSMAPIP TSMAPIP.SYS
Device \Driver\TSMAPIP \Device\TSMAPIP ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\RasPppoe \Device\{9EB255F7-2D72-47A6-AB33-CC1AA0618E35} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\adfs \Device\ADVirtualDisk\Volume adfs.SYS (Adobe Drive File System Driver/Adobe Systems, Inc.)
Device \Driver\adfs \Device\ADVirtualDisk\Volume ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\adfs \Device\ADVirtualDisk\Volume ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\adfs \Device\ADVirtualDisk\Control adfs.SYS (Adobe Drive File System Driver/Adobe Systems, Inc.)
Device \Driver\adfs \Device\ADVirtualDisk\Control ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\adfs \Device\ADVirtualDisk\Control ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000091 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\TVTPktFilter \Device\{BDF03991-86F2-4481-A746-86A45DCDE557} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003f ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003f ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TDSMAPI \Device\TDSMAPI TDSMAPI.SYS
Device \Driver\TDSMAPI \Device\TDSMAPI ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000078 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0019 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0019 pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)
Device \Driver\NETw4x32 \Device\{9253803D-A826-462C-95FB-54E6608C3F1A} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000092 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\ACPI \Device\00000079 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004c ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004c ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\NetBT \Device\NetbiosSmb netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetbiosSmb ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\AEAudioService \Device\DsdaFilter AEAudio.sys (Audio Noise Filtering Driver (32-bit)/Andrea Electronics Corporation)
Device \Driver\ACPI \Device\0000005a ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\ACPI \Device\00000093 ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\Shockprf \Device\Shockpf0 Apsx86.sys (Shockproof Disk Driver/Lenovo.)
Device \Driver\PnpManager \Device\0000004d ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004d ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TPPWRIF \Device\TPPWRIF Tppwrif.sys
Device \Driver\TPPWRIF \Device\TPPWRIF ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\MountMgr \Device\MountPointManager MountMgr.sys (Mount Manager/Microsoft Corporation)
Device \Driver\MountMgr \Device\MountPointManager ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004e ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004e ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005b ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\BTKRNL \Device\00000094 btkrnl.sys (Bluetooth Bus Enumerator/Broadcom Corporation.)
Device \Driver\BTKRNL \Device\00000094 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\BTKRNL \Device\00000094 btkrnl.sys (Bluetooth Bus Enumerator/Broadcom Corporation.)
Device \Driver\ssmdrv \Device\ssmctl ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH)
Device \Driver\ssmdrv \Device\ssmctl ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\EGATHDRV \Device\egathdrv EGATHDRV.SYS (IBM eGatherer Kernel Module/IBM Corporation)
Device \Driver\EGATHDRV \Device\egathdrv ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004f ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000004f ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\e1express \Device\{08D58BAD-64B7-468C-97BD-67603609B453} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005c ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \FileSystem\Mup \Device\Mup Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \FileSystem\Srv \Device\LanmanServer srv.sys (Server driver/Microsoft Corporation)
Device \Driver\Wanarp \Device\WANARP wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation)
Device \Driver\Shockprf \Device\ShockMgr Apsx86.sys (Shockproof Disk Driver/Lenovo.)
Device \Driver\ACPI \Device\0000005d ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\HDAudBus \Device\00000096 HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider)
Device \Driver\e1express \Device\INTELPRO_{08D58BAD-64B7-468C-97BD-67603609B453} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\Smapint \Device\Smapi0 Smapint.sys (SMAPI I/O/Microsoft Corporation)
Device \Driver\Smapint \Device\Smapi0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Tcpip \Device\Udp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Device\Harddisk0\DP(1)0x7e00-0x1bf267a200+2
Device \Driver\Disk \Device\Harddisk0\DR0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk0\DR0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000006a ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\NdisWan \Device\NdisWanIp NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\irda \Device\IrDA irda.sys (IRDA Protocol Driver/Microsoft Corporation)
Device \Driver\Tcpip \Device\RawIp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Device\Harddisk1\DP(1)0x7e00-0x118b0e2200+3
Device \Driver\Disk \Device\Harddisk1\DR1 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk1\DR1 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Device\Harddisk1\DP(2)0x118b0ea000-0x116b38000+4
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000006b ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\Modem \Device\00000098 Modem.SYS (Modemgerätetreiber/Microsoft Corporation)
Device \Driver\Modem \Device\00000098 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000006c ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\usbhub \Device\00000099 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000099 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Null \Device\Null Null.SYS (NULL Driver/Microsoft Corporation)
Device \Driver\Null \Device\Null ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\pmem \Device\PMEM pmemnt.sys (Physical Memory Driver/Microsoft Corporation)
Device \Driver\pmem \Device\PMEM ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000006d ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-1 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ANC \Device\{9253803D-A826-462C-95FB-54E6608C3F1A}_ANC83Monitor ANC.SYS (IBM Access Connections - ANC/IBM Corp.)
Device \Driver\ANC \Device\{9253803D-A826-462C-95FB-54E6608C3F1A}_ANC83Monitor ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\IPSec \Device\IPSEC ipsec.sys (IPSec Driver/Microsoft Corporation)
Device \Driver\IPSec \Device\IPSEC ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000006e ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\ACPI \Device\0000007b ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\dmload \Device\DmLoader dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.)
Device \Driver\dmload \Device\DmLoader ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000005 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000005 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\BTDriver \Device\BtPort0 btport.sys (Bluetooth BTPORT Driver for Windows 2000/Broadcom Corporation.)
Device \Driver\BTDriver \Device\BtPort0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\HSFHWAZL \Device\MICH_AZ0 HSFHWAZL.sys (HSF_HWAZL WDM driver/Conexant Systems, Inc.)
Device \Driver\HSFHWAZL \Device\MICH_AZ0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-2 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-2 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Tcpip \Device\IPMULTICAST tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
Device \Driver\NdisWan \Device\NdisWan NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\isapnp \Device\0000006f isapnp.sys (PNP-ISA-Bustreiber/Microsoft Corporation)
Device \Driver\isapnp \Device\0000006f ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000007c ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-3 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbuhci \Device\USBFDO-3 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\lenovo.smi \Device\lenovo.smi smiif32.sys (SMI Driver for Lenovo system/Lenovo Group Limited)
Device \Driver\lenovo.smi \Device\lenovo.smi ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\DRVMCDB \Device\drvmcdb DRVMCDB.SYS (Device Driver/Sonic Solutions)
Device \Driver\DRVMCDB \Device\drvmcdb ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanRedirector mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanRedirector rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
Device \Driver\Gpc \Device\Gpc msgpc.sys (MS General Packet Classifier/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe Npfs.SYS (NPFS Driver/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000007d ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\Ftdisk \Device\FtControl ftdisk.sys (FT-Datenträgertreiber/Microsoft Corporation)
Device \Driver\Ftdisk \Device\FtControl ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-4 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-4 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\PrivateDisk \Device\PrivateDisk PrivateDiskM.sys (SafeGuard® PrivateDisk Driver/Utimaco Safeware AG)
Device \Driver\PrivateDisk \Device\PrivateDisk ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot Msfs.SYS (Mailslot driver/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\TPHKDRV \Device\TPHKDRV TPHKDRV.sys (ThinkPad Hotkey Driver/Lenovo Group Limited)
Device \Driver\TPHKDRV \Device\TPHKDRV ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\Ndisuio \Device\Ndisuio ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation)
Device \Driver\Ndisuio \Device\Ndisuio ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\winachsf \Device\Winachsf0 HSF_CNXT.sys (HSF_CNXT driver/Conexant Systems, Inc.)
Device \Driver\winachsf \Device\Winachsf0 ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \Driver\AFD \Device\Afd afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation)
Device \Driver\IBMTPCHK \Device\IBMBLDID IBMBLDID.sys
Device \Driver\IBMTPCHK \Device\IBMBLDID ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Mup \Device\WinDfs\Root Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \Driver\ACPI \Device\0000009a ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)
Device \Driver\avipbb \Device\avipbb avipbb.sys (Avira Driver for RootKit Detection/Avira GmbH)
Device \Driver\avipbb \Device\avipbb ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \
Device \FileSystem\Fastfat \Fat Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat

Alt 28.06.2010, 08:32   #28
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll GMER Teil 5:

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\avgntflt \FileSystem\Filters\avgntflt avgntflt.sys (Avira Minifilter Driver/Avira GmbH)
Device \FileSystem\Filters\FltMgrMsg
Device \FileSystem\Filters\SystemRestore
Device \FileSystem\FltMgr \FileSystem\Filters\FltMgr fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\FltMgr \FileSystem\Filters\FltMgr fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\DLAIFS_M \GLOBAL??\DLAIFS DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\DLAIFS_M \GLOBAL??\DLAIFS ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)
Device \FileSystem\DLAIFS_M \GLOBAL??\DLAIFS ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation)

---- Modules - GMER 1.0.15 ----

Module \WINDOWS\system32\ntkrnlpa.exe (NT-Kernel und -System/Microsoft Corporation) 804D7000-806E5000 (2154496 bytes)
Module \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E5000-80705D00 (134400 bytes)
Module \WINDOWS\system32\KDCOM.DLL (Kernel Debugger HW Extension DLL/Microsoft Corporation) BA5A8000-BA5AA000 (8192 bytes)
Module \WINDOWS\system32\BOOTVID.dll (VGA Boot Driver/Microsoft Corporation) BA4B8000-BA4BB000 (12288 bytes)
Module ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation) B9F78000-B9FA7000 (192512 bytes)
Module \WINDOWS\system32\DRIVERS\WMILIB.SYS (WMILIB WMI support library Dll/Microsoft Corporation) BA5AA000-BA5AC000 (8192 bytes)
Module pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation) B9F67000-B9F78000 (69632 bytes)
Module isapnp.sys (PNP-ISA-Bustreiber/Microsoft Corporation) BA0A8000-BA0B2000 (40960 bytes)
Module compbatt.sys (Composite Battery Driver/Microsoft Corporation) BA4BC000-BA4BF000 (12288 bytes)
Module \WINDOWS\system32\DRIVERS\BATTC.SYS (Battery Class Driver/Microsoft Corporation) BA4C0000-BA4C4000 (16384 bytes)
Module pciide.sys (Allgemeiner PCI IDE Bustreiber/Microsoft Corporation) BA670000-BA671000 (4096 bytes)
Module \WINDOWS\system32\DRIVERS\PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) BA328000-BA32F000 (28672 bytes)
Module pcmcia.sys (PCMCIA-Treiber/Microsoft Corporation) B9F49000-B9F67000 (122880 bytes)
Module MountMgr.sys (Mount Manager/Microsoft Corporation) BA0B8000-BA0C3000 (45056 bytes)
Module ftdisk.sys (FT-Datenträgertreiber/Microsoft Corporation) B9F2A000-B9F49000 (126976 bytes)
Module dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) BA5AC000-BA5AE000 (8192 bytes)
Module dmio.sys (E/A-Treiber für NT Datenträgerverwaltung/Microsoft Corp., Veritas Software) B9F04000-B9F2A000 (155648 bytes)
Module PartMgr.sys (Partition Manager/Microsoft Corporation) BA330000-BA335000 (20480 bytes)
Module ACPIEC.sys (ACPI Embedded Controllertreiber/Microsoft Corporation) BA4C4000-BA4C7000 (12288 bytes)
Module \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS (ACPI Operation Registration Driver/Microsoft Corporation) BA671000-BA672000 (4096 bytes)
Module VolSnap.sys (Volumeschattenkopie-Treiber/Microsoft Corporation) BA0C8000-BA0D6000 (57344 bytes)
Module atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9EEC000-B9F04000 (98304 bytes)
Module iaStor.sys (Intel Matrix Storage Manager driver - ia32/Intel Corporation) B9E11000-B9EEC000 (897024 bytes)
Module disk.sys (PnP Disk Driver/Microsoft Corporation) BA0D8000-BA0E1000 (36864 bytes)
Module \WINDOWS\system32\DRIVERS\CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) BA0E8000-BA0F5000 (53248 bytes)
Module fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) B9DF1000-B9E11000 (131072 bytes)
Module sr.sys (Dateisystemfilter-Treiber der Systemwiederherstellung/Microsoft Corporation) B9DDF000-B9DF1000 (73728 bytes)
Module DRVMCDB.SYS (Device Driver/Sonic Solutions) B9DC9000-B9DDF000 (90112 bytes)
Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) BA0F8000-BA102000 (40960 bytes)
Module KSecDD.sys (Kernel Security Support Provider Interface/Microsoft Corporation) B9DB2000-B9DC9000 (94208 bytes)
Module WudfPf.sys (Windows Driver Foundation - User-mode Driver Framework Platform Driver/Microsoft Corporation) B9D9F000-B9DB2000 (77824 bytes)
Module Ntfs.sys (NT File System Driver/Microsoft Corporation) B9D12000-B9D9F000 (577536 bytes)
Module NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation) B9CE5000-B9D12000 (184320 bytes)
Module Apsx86.sys (Shockproof Disk Driver/Lenovo.) B9CC5000-B9CE5000 (131072 bytes)
Module ApsHM86.sys (ThinkVantage Active Protection System HID Digitizer Activity Monitor Driver/Lenovo.) BA108000-BA111000 (36864 bytes)
Module Mup.sys (Multiple UNC Provider driver/Microsoft Corporation) B9CAB000-B9CC5000 (106496 bytes)
Module \SystemRoot\system32\DRIVERS\intelppm.sys (Prozessorgerätetreiber/Microsoft Corporation) BA218000-BA222000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) B9693000-B9BA2000 (5304320 bytes)
Module \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) B967F000-B9693000 (81920 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows (R) Server 2003 DDK provider) B9657000-B967F000 (163840 bytes)
Module \SystemRoot\system32\DRIVERS\e1e5132.sys (Intel(R) PRO/1000 Adapter NDIS 5.2 deserialized driver/Intel Corporation) B961A000-B9657000 (249856 bytes)
Module \SystemRoot\system32\DRIVERS\NETw4x32.sys (Intel® Wireless WiFi Link Driver/Intel Corporation) B93FE000-B961A000 (2211840 bytes)
Module \SystemRoot\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) BA440000-BA446000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B93DA000-B93FE000 (147456 bytes)
Module \SystemRoot\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) BA470000-BA478000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042-Anschlusstreiber/Microsoft Corporation) BA248000-BA255000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\kbdclass.sys (Tastaturklassentreiber/Microsoft Corporation) BA490000-BA497000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.) B93A2000-B93DA000 (229376 bytes)
Module \SystemRoot\system32\DRIVERS\USBD.SYS (Universal Serial Bus Driver/Microsoft Corporation) BA5D0000-BA5D2000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\mouclass.sys (Mausklassentreiber/Microsoft Corporation) BA368000-BA36E000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\atmeltpm.sys (Atmel TPM Driver/Atmel, Inc.) BA370000-BA378000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\CmBatt.sys (Control Method Battery Driver/Microsoft Corporation) B9BAA000-B9BAE000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\ibmpmdrv.sys (ThinkPad Power Management Driver/Lenovo.) BA380000-BA385000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\btkrnl.sys (Bluetooth Bus Enumerator/Broadcom Corporation.) B92D1000-B93A2000 (856064 bytes)
Module \SystemRoot\system32\DRIVERS\tvtpktfilter.sys (TVT NDIS 5.1 Intermediate Miniport Filter Driver/Lenovo Group Limited) BA3F8000-BA3FD000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) BA6F3000-BA6F4000 (4096 bytes)
Module \SystemRoot\system32\DRIVERS\rasirda.sys (IrDA WAN Miniport Driver/Microsoft Corporation) BA408000-BA40D000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\TDI.SYS (TDI Wrapper/Microsoft Corporation) BA418000-BA41D000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) BA258000-BA265000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) BA5A0000-BA5A3000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) B92BA000-B92D1000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) BA268000-BA273000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) BA278000-BA284000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) BA468000-BA46D000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\raspti.sys (PTI DirectParallel(R) mini-port/call-manager driver/Microsoft Corporation) BA480000-BA485000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) B9262000-B9292000 (196608 bytes)
Module \SystemRoot\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) BA288000-BA292000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\psadd.sys (SMBIOS Driver/Lenovo (United States) Inc.) BA360000-BA366000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) BA5D8000-BA5DA000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\ks.sys (Kernel CSA Library/Microsoft Corporation) B923F000-B9262000 (143360 bytes)
Module \SystemRoot\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) B91E1000-B923F000 (385024 bytes)
Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) B9C6F000-B9C73000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\btport.sys (Bluetooth BTPORT Driver for Windows 2000/Broadcom Corporation.) BA428000-BA42F000 (28672 bytes)
Module \SystemRoot\System32\Drivers\NDProxy.SYS (NDIS Proxy/Microsoft Corporation) BA2C8000-BA2D2000 (40960 bytes)
Module \SystemRoot\system32\drivers\ADIHdAud.sys (High Definition Audio Function Driver(Release Candidate 1)/Analog Devices, Inc.) B1168000-B1197000 (192512 bytes)
Module \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation) B1144000-B1168000 (147456 bytes)
Module \SystemRoot\system32\drivers\drmk.sys (Microsoft Kernel DRM Descrambler Filter/Microsoft Corporation) BA2F8000-BA307000 (61440 bytes)
Module \SystemRoot\system32\drivers\AEAudio.sys (Audio Noise Filtering Driver (32-bit)/Andrea Electronics Corporation) B112D000-B1144000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\HSFHWAZL.sys (HSF_HWAZL WDM driver/Conexant Systems, Inc.) B10F9000-B112D000 (212992 bytes)
Module \SystemRoot\system32\DRIVERS\HSF_DPV.sys (HSF_DP driver/Conexant Systems, Inc.) B1007000-B10F9000 (991232 bytes)
Module \SystemRoot\system32\DRIVERS\HSF_CNXT.sys (HSF_CNXT driver/Conexant Systems, Inc.) B0F54000-B1007000 (733184 bytes)
Module \SystemRoot\System32\Drivers\Modem.SYS (Modemgerätetreiber/Microsoft Corporation) BA350000-BA358000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) BA138000-BA147000 (61440 bytes)
Module \SystemRoot\System32\Drivers\i2omgmt.SYS (I2O Utility Filter/Microsoft Corporation) B92AE000-B92B1000 (12288 bytes)
Module \SystemRoot\System32\Drivers\AFS2K.SYS (Audio File System/Oak Technology Inc.) BA148000-BA152000 (40960 bytes)
Module \SystemRoot\System32\Drivers\DLACDBHM.SYS (Shared Driver Component/Sonic Solutions) BA5EA000-BA5EC000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) BA5EE000-BA5F0000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Null.SYS (NULL Driver/Microsoft Corporation) BA75F000-BA760000 (4096 bytes)
Module \SystemRoot\System32\Drivers\Beep.SYS (BEEP Driver/Microsoft Corporation) BA5F2000-BA5F4000 (8192 bytes)
Module \SystemRoot\System32\Drivers\DLARTL_N.SYS (Shared Driver Component/Sonic Solutions) BA3C0000-BA3C6000 (24576 bytes)
Module \SystemRoot\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) BA3D0000-BA3D6000 (24576 bytes)
Module \SystemRoot\System32\Drivers\mnmdd.SYS (Frame buffer simulator/Microsoft Corporation) BA5F6000-BA5F8000 (8192 bytes)
Module \SystemRoot\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) BA5FA000-BA5FC000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Msfs.SYS (Mailslot driver/Microsoft Corporation) BA3E0000-BA3E5000 (20480 bytes)
Module \SystemRoot\System32\Drivers\Npfs.SYS (NPFS Driver/Microsoft Corporation) BA3F0000-BA3F8000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) B929E000-B92A1000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) B0E39000-B0E4C000 (77824 bytes)
Module \SystemRoot\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) BA168000-BA171000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) B0DE0000-B0E39000 (364544 bytes)
Module \SystemRoot\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) B0DB8000-B0DE0000 (163840 bytes)
Module \SystemRoot\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) B0D92000-B0DB8000 (155648 bytes)
Module \SystemRoot\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) BA178000-BA181000 (36864 bytes)
Module \SystemRoot\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) B0D70000-B0D92000 (139264 bytes)
Module \SystemRoot\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) BA188000-BA191000 (36864 bytes)
Module \SystemRoot\System32\drivers\TSMAPIP.SYS BA448000-BA44D000 (20480 bytes)
Module \SystemRoot\System32\drivers\Tppwrif.sys BA450000-BA455000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\TPHKDRV.sys (ThinkPad Hotkey Driver/Lenovo Group Limited) BA460000-BA465000 (20480 bytes)
Module \SystemRoot\System32\drivers\TDSMAPI.SYS BA478000-BA47E000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) BA498000-BA49E000 (24576 bytes)
Module \SystemRoot\System32\drivers\Smapint.sys (SMAPI I/O/Microsoft Corporation) BA4A8000-BA4B0000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) B0D25000-B0D50000 (176128 bytes)
Module \SystemRoot\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) B0CB5000-B0D25000 (458752 bytes)
Module \SystemRoot\system32\DRIVERS\smiif32.sys (SMI Driver for Lenovo system/Lenovo Group Limited) BA608000-BA60A000 (8192 bytes)
Module \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys BA60C000-BA60E000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Fips.SYS (FIPS-Verschlüsselungstreiber/Microsoft Corporation) BA1D8000-BA1E3000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for RootKit Detection/Avira GmbH) B0C79000-B0C95000 (114688 bytes)
Module \SystemRoot\System32\Drivers\tcusb.sys (TouchChip USB Kernel Driver/UPEK Inc.) BA1F8000-BA203000 (45056 bytes)
Module \??\C:\Programme\Avira\AntiVir_Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) BA614000-BA616000 (8192 bytes)
Module \SystemRoot\System32\drivers\ANC.SYS (IBM Access Connections - ANC/IBM Corp.) B91B9000-B91BC000 (12288 bytes)
Module \SystemRoot\System32\Drivers\dump_iaStor.sys B0B76000-B0C51000 (897024 bytes)
Module \SystemRoot\System32\win32k.sys (Mehrbenutzer-Win32-Treiber/Microsoft Corporation) BF800000-BF9C4000 (1851392 bytes)
Module \SystemRoot\System32\drivers\Dxapi.sys (DirectX API Driver/Microsoft Corporation) B0C6D000-B0C70000 (12288 bytes)
Module \SystemRoot\System32\watchdog.sys (Watchdog Driver/Microsoft Corporation) BA3E8000-BA3ED000 (20480 bytes)
Module \SystemRoot\System32\drivers\dxg.sys (DirectX Graphics Driver/Microsoft Corporation) BF000000-BF012000 (73728 bytes)
Module \SystemRoot\System32\drivers\dxgthk.sys (DirectX Graphics Driver Thunk/Microsoft Corporation) BA7A8000-BA7A9000 (4096 bytes)
Module \SystemRoot\System32\ati2dvag.dll (ATI Radeon WindowsNT Display Driver/ATI Technologies Inc.) BF012000-BF062000 (327680 bytes)
Module \SystemRoot\System32\ati2cqag.dll (Central Memory Manager / Queue Server Module/ATI Technologies Inc.) BF062000-BF0EB000 (561152 bytes)
Module \SystemRoot\System32\atikvmag.dll (Virtual Command And Memory Manager/ATI Technologies Inc.) BF0EB000-BF158000 (446464 bytes)
Module \SystemRoot\System32\atiok3x2.dll (Ring 0 x2 component/ATI Technologies Inc.) BF158000-BF19B000 (274432 bytes)
Module \SystemRoot\System32\ati3duag.dll (ati3duag.dll/ATI Technologies Inc. ) BF19B000-BF55B000 (3932160 bytes)
Module \SystemRoot\System32\ativvaxx.dll (Radeon Video Acceleration Universal Driver/ATI Technologies Inc. ) BF55B000-BF7A0000 (2379776 bytes)
Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BFFA0000-BFFE6000 (286720 bytes)
Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) AE7D2000-AE7E6000 (81920 bytes)
Module \SystemRoot\System32\Drivers\DRVNDDM.SYS (Device Driver Manager/Sonic Solutions) AE8F6000-AE900000 (40960 bytes)
Module \SystemRoot\System32\DLA\DLADResN.SYS (Drive Letter Access Component/Sonic Solutions) BA753000-BA754000 (4096 bytes)
Module \SystemRoot\System32\DLA\DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions) AE7BC000-AE7D2000 (90112 bytes)
Module \SystemRoot\System32\DLA\DLAOPIOM.SYS (Drive Letter Access Component/Sonic Solutions) AE812000-AE816000 (16384 bytes)
Module \SystemRoot\System32\DLA\DLAPoolM.SYS (Drive Letter Access Component/Sonic Solutions) BA5CA000-BA5CC000 (8192 bytes)
Module \SystemRoot\System32\DLA\DLABOIOM.SYS (Drive Letter Access Component/Sonic Solutions) BA390000-BA397000 (28672 bytes)
Module \SystemRoot\System32\DLA\DLAUDFAM.SYS (Drive Letter Access Component/Sonic Solutions) AE77C000-AE794000 (98304 bytes)
Module \SystemRoot\System32\DLA\DLAUDF_M.SYS (Drive Letter Access Component/Sonic Solutions) AE766000-AE77C000 (90112 bytes)
Module \SystemRoot\system32\DRIVERS\irda.sys (IRDA Protocol Driver/Microsoft Corporation) AE4A8000-AE4BE000 (90112 bytes)
Module \SystemRoot\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) B0C71000-B0C75000 (16384 bytes)
Module \SystemRoot\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) AE303000-AE318000 (86016 bytes)
Module \SystemRoot\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) AE400000-AE40F000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) AE028000-AE055000 (184320 bytes)
Module \SystemRoot\system32\DRIVERS\PROCDD.SYS (IPS Helper Driver/Lenovo Group Limited) BA410000-BA417000 (28672 bytes)
Module \SystemRoot\System32\Drivers\adfs.SYS (Adobe Drive File System Driver/Adobe Systems, Inc.) ACD3A000-ACD4B000 (69632 bytes)
Module \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (IBM eGatherer Kernel Module/IBM Corporation) BA5BC000-BA5BE000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) AC898000-AC8EF000 (356352 bytes)
Module \SystemRoot\system32\DRIVERS\mdmxsdk.sys (Diagnostic Interface x86 Driver/Conexant) ACAAD000-ACAB1000 (16384 bytes)
Module \??\C:\WINDOWS\System32\drivers\pmemnt.sys (Physical Memory Driver/Microsoft Corporation) BA5DE000-BA5E0000 (8192 bytes)
Module \??\C:\Programme\Lenovo\SafeGuard_PrivateDisk\PrivateDiskM.sys (SafeGuard® PrivateDisk Driver/Utimaco Safeware AG) ACB15000-ACB24000 (61440 bytes)
Module \??\C:\Programme\SMI2\smi2.sys (SMI BIOS driver/IBM Corp.) BA7DF000-BA7E0000 (4096 bytes)
Module \??\C:\WINDOWS\system32\drivers\tvtfilter.sys (Rescue and Recovery filter driver/Lenovo) AC768000-AC76C000 (16384 bytes)
Module \SystemRoot\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) AC19F000-AC1E0000 (266240 bytes)
Module \??\C:\DOKUME~1\Norman\LOKALE~1\Temp\ugtdipow.sys (GMER) ABB05000-ABB1C000 (94208 bytes)
Module \SystemRoot\System32\Drivers\Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation) ABAB6000-ABADA000 (147456 bytes)
Module \SystemRoot\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) ABA8B000-ABAB6000 (176128 bytes)
Module \WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 7C910000-7C9C9000 (757760 bytes)

---- Processes - GMER 1.0.15 ----

Process System Idle 0
Process System 4
Process C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Update Service Scheduler/InstallShield Software Corporation) 244
Library C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Update Service Scheduler/InstallShield Software Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x003A0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000

Process C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (scheduler_proxy Application/Lenovo Group Limited) 276
Library C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (scheduler_proxy Application/Lenovo Group Limited) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x7C340000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\MFC71U.DLL (MFCDLL Shared Library - Retail Version/Microsoft Corporation) 0x00480000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\system32\MFC71DEU.DLL (MFC Language Specific Resources/Microsoft Corporation) 0x5D360000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D450000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x003F0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x72240000
Library C:\WINDOWS\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F10000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76300000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation)

Alt 28.06.2010, 08:33   #29
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll GMER Teil 6:

Process C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (ThinkPad EasyEject Support Application/Lenovo Group Ltd.) 356
Library C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (ThinkPad EasyEject Support Application/Lenovo Group Ltd.) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\comdlg32.dll (DLL für gemeinsame Dialoge/Microsoft Corporation) 0x76350000
Library C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows-Spoolertreiber/Microsoft Corporation) 0x72F70000
Library C:\WINDOWS\system32\oledlg.dll (Unterstützung für die Microsoft Windows(R) OLE 2.0-Benutzeroberfläche/Microsoft Corporation) 0x74CB0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\OLEPRO32.DLL (Microsoft Corporation) 0x5F1A0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x003E0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme-Bibliothek/Microsoft Corporation) 0x5B0F0000
Library C:\PROGRA~1\ThinkPad\UTILIT~1\GR\EzMApRes.dll (Resources for EzEjMnAp.exe/Lenovo Group Ltd.) 0x10000000
Library C:\WINDOWS\system32\CfgMgr32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x74A60000
Library C:\WINDOWS\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B10000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x75250000
Library C:\WINDOWS\system32\setupapi.dll (Windows Setup-API/Microsoft Corporation) 0x778F0000

Process C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Access Connections Tray Status Application/Lenovo ) 380
Library C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Access Connections Tray Status Application/Lenovo ) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\Programme\ThinkPad\ConnectUtilities\AcLocSettings.dll (Access Connections Location Settings Module/Lenovo ) 0x0A000000
Library C:\WINDOWS\system32\MSVCP71.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x7C3A0000
Library C:\WINDOWS\system32\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x7C340000
Library C:\Programme\ThinkPad\ConnectUtilities\ACGUIHlpr.dll (Access Connections GUI Helper Module/Lenovo ) 0x10000000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\Programme\ThinkPad\ConnectUtilities\AcSvcStub.dll (Access Connections Main Service Stub Module/Lenovo ) 0x00380000
Library C:\Programme\ThinkPad\ConnectUtilities\ACHelper.dll (Access Connections Helper Module/Lenovo ) 0x003B0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\Programme\ThinkPad\ConnectUtilities\AcCryptHlpr.dll (Access Connections Crypt Helper Module/Lenovo ) 0x00430000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\MFC71U.DLL (MFCDLL Shared Library - Retail Version/Microsoft Corporation) 0x004B0000
Library C:\WINDOWS\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x76320000
Library C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgr.dll (Access Connections Profile Manager Module/Lenovo ) 0x08000000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\system32\MFC71DEU.DLL (MFC Language Specific Resources/Microsoft Corporation) 0x5D360000
Library C:\Programme\ThinkPad\ConnectUtilities\Res\GR\GUIHlprRes.dll 0x00B30000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00C50000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme-Bibliothek/Microsoft Corporation) 0x5B0F0000
Library C:\Programme\ThinkPad\ConnectUtilities\Res\GR\IconRes.dll 0x00FD0000

Process C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 456
Library C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CF00000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6FD90000
Library C:\WINDOWS\system32\WINMM.dll (MCI API-DLL/Microsoft Corporation) 0x76AF0000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x77BB0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme-Bibliothek/Microsoft Corporation) 0x5B0F0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x003C0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation) 0x719B0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71A10000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper für Windows NT/Microsoft Corporation) 0x71A00000
Library C:\WINDOWS\system32\wsock32.dll (Windows Socket-32-Bit-DLL/Microsoft Corporation) 0x71A30000
Library C:\WINDOWS\system32\wuaueng.dll (Windows Update Agent/Microsoft Corporation) 0x50040000
Library C:\WINDOWS\system32\ESENT.dll (Server-Datenbankspeichermodul/Microsoft Corporation) 0x5E200000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F10000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76300000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x597D0000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows-Spoolertreiber/Microsoft Corporation) 0x72F70000
Library C:\WINDOWS\system32\IPHLPAPI.DLL (IP-Hilfs-API/Microsoft Corporation) 0x76D20000
Library C:\WINDOWS\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x4D5C0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Vertrauensverifizierungs-APIs/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\CRYPT32.dll (Krypto-API32/Microsoft Corporation) 0x77A50000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77AF0000
Library C:\WINDOWS\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x750D0000
Library C:\WINDOWS\system32\mspatcha.dll (Microsoft(R) Patch Engine/Microsoft Corporation) 0x604A0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2-Meldungen/Microsoft Corporation) 0x00FC0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76F90000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77010000
Library C:\WINDOWS\system32\hnetcfg.dll (Heimnetzwerkkonfigurations-Manager/Microsoft Corporation) 0x66710000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x719F0000
Library C:\WINDOWS\system32\wups2.dll (Windows Update client proxy stub 2/Microsoft Corporation) 0x50F00000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 484
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CF00000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6FD90000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\WINMM.dll (MCI API-DLL/Microsoft Corporation) 0x76AF0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x77BB0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme-Bibliothek/Microsoft Corporation) 0x5B0F0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D450000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00760000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA-Anbieter/Microsoft Corporation) 0x77660000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71B70000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP-API-DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2-Meldungen/Microsoft Corporation) 0x008D0000
Library c:\windows\system32\webclnt.dll (Web DAV Service DLL/Microsoft Corporation) 0x5AA50000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71A10000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper für Windows NT/Microsoft Corporation) 0x71A00000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000

Process C:\WINDOWS\System32\smss.exe (Windows NT-Sitzungs-Manager/Microsoft Corporation) 580
Library C:\WINDOWS\System32\smss.exe (Windows NT-Sitzungs-Manager/Microsoft Corporation) 0x48580000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000

Process C:\Programme\Picasa2\PicasaMediaDetector.exe (Picasa/Google Inc.) 604
Library C:\Programme\Picasa2\PicasaMediaDetector.exe (Picasa/Google Inc.) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\STI.dll (Digitalbildgeräte-Client-DLL/Microsoft Corporation) 0x73B10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\CFGMGR32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x74A60000
Library C:\WINDOWS\system32\setupapi.DLL (Windows Setup-API/Microsoft Corporation) 0x778F0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\comdlg32.dll (DLL für gemeinsame Dialoge/Microsoft Corporation) 0x76350000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x003C0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme-Bibliothek/Microsoft Corporation) 0x5B0F0000
Library C:\WINDOWS\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B10000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x75250000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76F90000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77010000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2-Meldungen/Microsoft Corporation) 0x00DB0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Vertrauensverifizierungs-APIs/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\CRYPT32.dll (Krypto-API32/Microsoft Corporation) 0x77A50000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation)

Alt 28.06.2010, 08:34   #30
Kiesopfer
 
TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Standard

TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


Protokoll GMER Teil 7:

Process C:\WINDOWS\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 628
Library C:\WINDOWS\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x4A680000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x75AE0000
Library C:\WINDOWS\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x75AF0000
Library C:\WINDOWS\system32\winsrv.dll (Windows-Server-DLL/Microsoft Corporation) 0x75B00000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\KERNEL32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x76970000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B10000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000

Process C:\WINDOWS\system32\winlogon.exe (Windows NT-Anmeldung/Microsoft Corporation) 660
Library C:\WINDOWS\system32\winlogon.exe (Windows NT-Anmeldung/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\CRYPT32.dll (Krypto-API32/Microsoft Corporation) 0x77A50000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77AF0000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\NDdeApi.dll (Netzwerk-DDE Share Management-APIs/Microsoft Corporation) 0x758E0000
Library C:\WINDOWS\system32\PROFMAP.dll (Userenv/Microsoft Corporation) 0x758D0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x597D0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BB0000
Library C:\WINDOWS\system32\REGAPI.dll (Registry Configuration APIs/Microsoft Corporation) 0x76B70000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup-API/Microsoft Corporation) 0x778F0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76300000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Vertrauensverifizierungs-APIs/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71A10000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper für Windows NT/Microsoft Corporation) 0x71A00000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x005F0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\MSGINA.dll (Windows-Anmeldungs-GINA-DLL/Microsoft Corporation) 0x75910000
Library C:\WINDOWS\system32\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x5D450000
Library C:\WINDOWS\system32\ODBC32.dll (Microsoft Data Access - ODBC Driver Manager/Microsoft Corporation) 0x745D0000
Library C:\WINDOWS\system32\comdlg32.dll (DLL für gemeinsame Dialoge/Microsoft Corporation) 0x76350000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\odbcint.dll (Microsoft Data Access - ODBC Ressourcen/Microsoft Corporation) 0x1F840000
Library C:\WINDOWS\system32\SHSVCS.dll (Windows-Shelldienste-DLL/Microsoft Corporation) 0x776B0000
Library C:\WINDOWS\system32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x76B60000
Library C:\WINDOWS\system32\sfc_os.dll (Windows-Dateischutz/Microsoft Corporation) 0x76C20000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B10000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x75250000
Library C:\WINDOWS\system32\WINSCARD.DLL (Microsoft Smartcard-API/Microsoft Corporation) 0x72360000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F10000
Library C:\WINDOWS\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x76970000
Library C:\WINDOWS\system32\WINMM.dll (MCI API-DLL/Microsoft Corporation) 0x76AF0000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme-Bibliothek/Microsoft Corporation) 0x5B0F0000
Library C:\WINDOWS\system32\Ati2evxx.dll (ATI External Event Utility DLL Module/ATI Technologies Inc.) 0x10000000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\cscdll.dll (Offlinenetzwerk-Agent/Microsoft Corporation) 0x765A0000
Library C:\WINDOWS\System32\dimsntfy.dll (DIMS Notification Handler/Microsoft Corporation) 0x47120000
Library C:\WINDOWS\system32\WlNotify.dll (Common DLL to receive Winlogon notifications/Microsoft Corporation) 0x758F0000
Library C:\WINDOWS\system32\MPR.dll (Router-DLL für Mehrfachanbieter/Microsoft Corporation) 0x71A80000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows-Spoolertreiber/Microsoft Corporation) 0x72F70000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71B70000
Library C:\Programme\Gemeinsame Dateien\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll (Adobe Drive Network Provider/Adobe Systems Incorporated) 0x01F30000
Library C:\WINDOWS\system32\cscui.dll (Clientseitige Cachebenutzeroberfläche/Microsoft Corporation) 0x779F0000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C40000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76740000
Library C:\WINDOWS\system32\iphlpapi.dll (IP-Hilfs-API/Microsoft Corporation) 0x76D20000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2-Meldungen/Microsoft Corporation) 0x01790000
Library C:\Programme\Lenovo\AwayTask\AwayNotify.dll (Away Manager notification package./Lenovo Group Limited) 0x014D0000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA-Anbieter/Microsoft Corporation) 0x77660000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP-API-DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\wdmaud.drv (WDM Audio driver mapper/Microsoft Corporation) 0x72C90000
Library C:\WINDOWS\system32\msacm32.drv (Microsoft Soundmapper/Microsoft Corporation) 0x72C80000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x77BB0000
Library C:\WINDOWS\system32\midimap.dll (Microsoft MIDI-Mapper/Microsoft Corporation) 0x77BA0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77010000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76F90000

Process C:\WINDOWS\system32\services.exe (Anwendung für Dienste und Controller/Microsoft Corporation) 708
Library C:\WINDOWS\system32\services.exe (Anwendung für Dienste und Controller/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\NCObjAPI.DLL (Microsoft Corporation) 0x5FB60000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft (R) C++ Runtime Library/Microsoft Corporation) 0x76020000
Library C:\WINDOWS\system32\SCESRV.dll (Windows-Sicherheitskonfigurations-Editormodul/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\umpnpmgr.dll (Plug & Play-Dienst (Benutzermodus)/Microsoft Corporation) 0x7DBB0000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76300000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x597D0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CF00000
Library C:\WINDOWS\AppPatch\AcAdProc.dll (Windows Compatibility DLL/Microsoft Corporation) 0x47440000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x003B0000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B10000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000
Library C:\WINDOWS\system32\eventlog.dll (Ereignisprotokolldienst/Microsoft Corporation) 0x772D0000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BB0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71A10000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper für Windows NT/Microsoft Corporation) 0x71A00000
Library C:\WINDOWS\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F10000

Process C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 720
Library C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (DLL für NT-Layer/Microsoft Corporation) 0x7C910000
Library C:\WINDOWS\system32\kernel32.dll (Client-DLL für Windows NT-Basis-API/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Erweitertes Windows 32 Base-API/Microsoft Corporation) 0x77DA0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E50000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FC0000
Library C:\WINDOWS\system32\LSASRV.dll (LSA-Server-DLL/Microsoft Corporation) 0x753D0000
Library C:\WINDOWS\system32\MPR.dll (Router-DLL für Mehrfachanbieter/Microsoft Corporation) 0x71A80000
Library C:\WINDOWS\system32\USER32.dll (Client-DLL für Windows XP USER-API/Microsoft Corporation) 0x7E360000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77EF0000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77AF0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x597D0000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x76750000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76EE0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71A10000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper für Windows NT/Microsoft Corporation) 0x71A00000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP-API-DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71B70000
Library C:\WINDOWS\system32\SAMSRV.dll (SAM Server-DLL/Microsoft Corporation) 0x743C0000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76740000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CF00000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6FD90000
Library C:\WINDOWS\system32\WINMM.dll (MCI API-DLL/Microsoft Corporation) 0x76AF0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE für Windows/Microsoft Corporation) 0x774B0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x770F0000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM-Audiofilter/Microsoft Corporation) 0x77BB0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77BD0000
Library C:\WINDOWS\system32\SHELL32.dll (Allgemeine Windows-Shell-DLL/Microsoft Corporation) 0x7E670000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F40000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme-Bibliothek/Microsoft Corporation) 0x5B0F0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76330000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773A0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D450000
Library C:\WINDOWS\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C50000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x63000000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00680000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x1A400000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\msprivs.dll (Microsoft Privilege Translations/Microsoft Corporation) 0x4D200000
Library C:\WINDOWS\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x71C70000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C40000
Library C:\WINDOWS\system32\iphlpapi.dll (IP-Hilfs-API/Microsoft Corporation) 0x76D20000
Library C:\WINDOWS\system32\netlogon.dll (Net Logon Services DLL/Microsoft Corporation) 0x74430000
Library C:\WINDOWS\system32\w32time.dll (Windows-Zeitdienst/Microsoft Corporation) 0x76770000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft (R) C++ Runtime Library/Microsoft Corporation) 0x76020000
Library C:\WINDOWS\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\CRYPT32.dll (Krypto-API32/Microsoft Corporation) 0x77A50000
Library C:\WINDOWS\system32\wdigest.dll (Microsoft Digest Access/Microsoft Corporation) 0x7F000000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\setupapi.dll (Windows Setup-API/Microsoft Corporation) 0x778F0000
Library C:\WINDOWS\system32\scecli.dll (Clientmodul für Windows-Sicherheitskonfigurations-Editor/Microsoft Corporation) 0x7D520000
Library C:\WINDOWS\system32\ipsecsvc.dll (Windows IPSec-SPD-Server-DLL/Microsoft Corporation) 0x74350000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\oakley.DLL (Oakley-Schlüssel-Manager/Microsoft Corporation) 0x756C0000
Library C:\WINDOWS\system32\WINIPSEC.DLL (Windows IPSec SPD Client DLL/Microsoft Corporation) 0x742E0000
Library C:\WINDOWS\system32\pstorsvc.dll (Server für den Dienst für den geschützten Speicher/Microsoft Corporation) 0x74310000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0-Dienstanbieter/Microsoft Corporation) 0x719B0000
Library C:\WINDOWS\system32\hnetcfg.dll (Heimnetzwerkkonfigurations-Manager/Microsoft Corporation) 0x66710000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x719F0000
Library C:\WINDOWS\system32\dssenh.dll (Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider/Microsoft Corporation) 0x68100000
Library C:\WINDOWS\system32\psbase.dll (Standardanbieter für den geschützten Speicher/Microsoft Corporation)

Antwort
Seite 2 von 7 1 2 34 Letzte »

Themen zu TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien
aktiv, antivir, befallen, dateien, diverse, gelöscht, java, meldung, minute, minuten, neue, neuen, neuste, ordner, programm, programme, sperrt, stelle, system, temp, temporäre dateien, thema, tr/psw.zbot., tr/psw.zbot.133169.y temporäre dateien windows trojaner 11 minuten, update, version, virus, ähnliches


« HiJackThis Log. Mozilla öffnet immer neue Werbe-Fenster von alleine! | Cpu last auf 100% »


Ähnliche Themen: TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien


  1. Internet geht ca alle 10 minuten aus
    Plagegeister aller Art und deren Bekämpfung - 19.11.2012 (19)
  2. TR/ATRAPS.Gen2 und TR/ATRAPS.Gen wird alle paar Minuten von Antivir gemeldet
    Plagegeister aller Art und deren Bekämpfung - 21.08.2012 (22)
  3. antivir meldet alle paar minuten den fund TR/ATRAPS.Gen und TR/ATRAPS.Gen2
    Log-Analyse und Auswertung - 01.08.2012 (4)
  4. Computer öffnet .exe Dateien nicht , IE - Popups öffnen sich alle 2 Minuten > Folgen von Viren?
    Alles rund um Windows - 04.04.2011 (3)
  5. Antivir meldet C:\Windows\temp\xxxx.tmp (TR/Crypt.ZPACK.Gen) alle paar Minuten
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (4)
  6. Trojaner/Virus befällt alle .exe Dateien / AntiVir ohne Wirkung / Malware?
    Plagegeister aller Art und deren Bekämpfung - 05.09.2010 (11)
  7. Antivir meldet alle 10min. TR/PSW.Zbot.133169.Y
    Plagegeister aller Art und deren Bekämpfung - 14.07.2010 (29)
  8. AntiVir findet dauernd "TR/PSW.Zbot.133169.Y"
    Plagegeister aller Art und deren Bekämpfung - 06.07.2010 (8)
  9. Antivir meldet alle paar Minuten "TR/PSW.Zbot.133169.Y"
    Plagegeister aller Art und deren Bekämpfung - 04.07.2010 (3)
  10. TR/PSW.Zbot.133169.Y alle paar Antivir und temp Dateien
    Plagegeister aller Art und deren Bekämpfung - 30.06.2010 (28)
  11. Pc Stürzt alle 10 Minuten ab
    Plagegeister aller Art und deren Bekämpfung - 06.06.2010 (1)
  12. Antivir gibt alle paar Minuten Warnungen raus
    Log-Analyse und Auswertung - 04.04.2010 (5)
  13. Alle 5 Minuten Trojaner Meldung über Avira AntiVir
    Plagegeister aller Art und deren Bekämpfung - 23.12.2009 (48)
  14. Antivir meldet C:\Windows\temp\xxxx.tmp (TR/Crypt.ZPACK.Gen) alle 10 Minuten
    Plagegeister aller Art und deren Bekämpfung - 04.11.2009 (6)
  15. CPU 100% alle 3 Minuten
    Log-Analyse und Auswertung - 31.07.2008 (6)
  16. mx_**.temp dateien in windows/temp ordner?
    Plagegeister aller Art und deren Bekämpfung - 27.06.2007 (1)
  17. Alle 20 Minuten Startet der PC neu
    Mülltonne - 20.05.2007 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien - Schritt 1 Temp File Cleaner Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop. Schließe nun alle offenen Programme und trenne Dich von dem - TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien...
Archiv
Du betrachtest: TR/PSW.Zbot.133169.Y alle 11 Minuten Antivir und temp Dateien auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54