GMER Auswertung meines Systems?
Hallo Leute,
ich hatte einige Viren auf dem Rechner, keine Ahnung woher. Surfe nur auf bekannten Seiten. Konnte jetz alle mit Malwarebytes entfernen. Es waren Passwort Trojaner in der Registry. Dann noch dll Dateien im Appdata Ordner und auch eine .exe Datei.
Jetz habe ich mich hier eingelesen und mein System mit GMER checken lassen. Kann mit der Logfile jedoch nichts anfangen. Könnt ihr mir da helfen?
Oder soll ich doch lieber formatieren da ich auch Onlinebanking betreibe?
Logfile:
GMER Logfile: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-11-29 01:50:30
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AK1
Running: l4owi2kc.exe; Driver: C:\Users\Selcuk\AppData\Local\Temp\pfdiqpog.sys
---- System - GMER 1.0.15 ----
SSDT 93258FC6 ZwCreateSection
SSDT 93258FD0 ZwRequestWaitReplyPort
SSDT 93258FCB ZwSetContextThread
SSDT 93258FD5 ZwSetSecurityObject
SSDT 93258FDA ZwSystemDebugControl
SSDT 93258F67 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!ZwSaveKey + 13CD 830359C9 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 830554E2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntoskrnl.exe!KeRemoveQueueEx + 14BF 8305C85C 2 Bytes [C6, 8F]
.text ntoskrnl.exe!KeRemoveQueueEx + 14C2 8305C85F 1 Byte [93]
.text ntoskrnl.exe!KeRemoveQueueEx + 181B 8305CBB8 4 Bytes [D0, 8F, 25, 93]
.text ntoskrnl.exe!KeRemoveQueueEx + 185F 8305CBFC 4 Bytes [CB, 8F, 25, 93]
.text ntoskrnl.exe!KeRemoveQueueEx + 18DB 8305CC78 4 Bytes [D5, 8F, 25, 93]
.text ...
? System32\drivers\mkgeue.sys Das System kann den angegebenen Pfad nicht finden. !
.text kernel32.dll!CreateProcessW 76C2204D 6 Bytes [FF, 25, 1E, 00, A8, 71] {JMP [0x71a8001e]}
.text kernel32.dll!CreateProcessA 76C22082 6 Bytes [FF, 25, 1E, 00, AE, 71] {JMP [0x71ae001e]}
.text KernelBase.dll!FreeLibrary + B3 75EB8B4D 4 Bytes [0A, 00, 3F, 00]
---- User code sections - GMER 1.0.15 ----
.text C:\Windows\system32\svchost.exe[108] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[108] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\svchost.exe[312] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[312] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\wininit.exe[492] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\wininit.exe[492] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\services.exe[540] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\services.exe[540] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\lsass.exe[564] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\lsass.exe[564] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\lsm.exe[572] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\lsm.exe[572] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\winlogon.exe[596] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\winlogon.exe[596] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[620] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A90F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[620] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AF0F5A
.text C:\Windows\system32\svchost.exe[720] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[720] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\svchost.exe[808] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[808] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\svchost.exe[872] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\svchost.exe[872] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\svchost.exe[956] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\svchost.exe[956] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[996] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe[996] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[1004] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\svchost.exe[1128] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[1128] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\svchost.exe[1216] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[1216] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\spoolsv.exe[1384] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\spoolsv.exe[1384] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\svchost.exe[1452] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[1452] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[1504] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[1504] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1524] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe[1524] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\taskhost.exe[1552] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Windows\system32\taskhost.exe[1552] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\Dwm.exe[1600] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71990F5A
.text C:\Windows\system32\Dwm.exe[1600] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\taskeng.exe[1612] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\taskeng.exe[1612] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\Explorer.EXE[1640] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Windows\Explorer.EXE[1640] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1860] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1860] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1908] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[1908] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe[1932] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe[1932] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1948] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[1948] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Bonjour\mDNSResponder.exe[1964] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Bonjour\mDNSResponder.exe[1964] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe[1976] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe[1976] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2232] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe[2232] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\svchost.exe[2244] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\svchost.exe[2244] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\igfxext.exe[2340] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\igfxext.exe[2340] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\igfxsrvc.exe[2376] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\igfxsrvc.exe[2376] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\conhost.exe[2596] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\conhost.exe[2596] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\svchost.exe[2856] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\svchost.exe[2856] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2980] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe[2980] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\rundll32.exe[3028] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\rundll32.exe[3028] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3116] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3116] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3164] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3164] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3220] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3220] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Logitech\SetPointP\SetPoint.exe[3312] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\Logitech\SetPointP\SetPoint.exe[3312] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\igfxtray.exe[3336] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\igfxtray.exe[3336] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\hkcmd.exe[3344] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\hkcmd.exe[3344] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\igfxpers.exe[3380] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\igfxpers.exe[3380] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\System32\svchost.exe[3556] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\System32\svchost.exe[3556] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3604] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3604] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[3792] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE[3792] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3904] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 719B0F5A
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3904] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Windows\system32\DllHost.exe[4008] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\DllHost.exe[4008] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe[4080] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A50F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe[4080] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AF0F5A
.text C:\Windows\system32\wuauclt.exe[4264] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A80F5A
.text C:\Windows\system32\wuauclt.exe[4264] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\PROGRA~1\samsung\SAMSUN~1\SUPNOT~1.EXE[4808] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A90F5A
.text C:\PROGRA~1\samsung\SAMSUN~1\SUPNOT~1.EXE[4808] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe[4900] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A90F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe[4900] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AF0F5A
.text C:\Windows\system32\taskhost.exe[5180] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A90F5A
.text C:\Windows\system32\taskhost.exe[5180] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AF0F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[5456] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A40F5A
.text C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[5456] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AE0F5A
.text C:\Users\Selcuk\Downloads\l4owi2kc.exe[12068] kernel32.dll!CreateProcessW 76C2204D 6 Bytes JMP 71A90F5A
.text C:\Users\Selcuk\Downloads\l4owi2kc.exe[12068] kernel32.dll!CreateProcessA 76C22082 6 Bytes JMP 71AF0F5A
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\System32\rundll32.exe[3028] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3028] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3028] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3028] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[5456] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[5456] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[5456] @ C:\Windows\system32\advapi32.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[5456] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[5456] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75B3FFF6] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000051 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
--- --- --- |
