Basti0201 | 19.11.2013 13:27 | GMER Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-19 13:03:22
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB3O 298,09GB
Running: et08iymj.exe; Driver: C:\Users\Acer\AppData\Local\Temp\kgldrpob.sys
---- System - GMER 2.1 ----
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwAllocateVirtualMemory [0x924980BE]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwAlpcConnectPort [0x9249B566]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwAlpcSendWaitReceivePort [0x9249B09C]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwAssignProcessToJobObject [0x92498C88]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwClose [0x9249BB8C]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwConnectPort [0x9249A418]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwCreateFile [0x9249995C]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwCreateKey [0x9249AB10]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwCreateProcess [0x92498EDE]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwCreateProcessEx [0x92498F94]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwCreateSection [0x9249927E]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwCreateThread [0x92497A2E]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwCreateThreadEx [0x9249BDA8]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwDeviceIoControlFile [0x9249AC80]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwDuplicateObject [0x9249F11A]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwFsControlFile [0x9249AF38]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwLoadDriver [0x92498594]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwMakeTemporaryObject [0x9249B934]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwOpenFile [0x9249974E]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwOpenProcess [0x9249EB72]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwOpenSection [0x9249904E]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwOpenThread [0x9249EE22]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwProtectVirtualMemory [0x92497F42]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwQueueApcThread [0x92498DB0]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwReplaceKey [0x9249B782]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwRequestPort [0x9249A586]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwRequestWaitReplyPort [0x92499F1A]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwRestoreKey [0x9249B80C]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwSecureConnectPort [0x9249A9A0]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwSetContextThread [0x92497B9E]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwSetSecurityObject [0x9249B6DC]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwSetSystemInformation [0x9249878E]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwShutdownSystem [0x9249B89E]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwSuspendProcess [0x92497E1A]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwSuspendThread [0x92497CF4]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwSystemDebugControl [0x92498BBA]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwTerminateProcess [0x9249EA6A]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwTerminateThread [0x9249F30C]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwUnloadDriver [0x9249B9CA]
SSDT \??\C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys ZwWriteVirtualMemory [0x924978B2]
SYSENTER \SystemRoot\system32\DRIVERS\avc3.sys 8B986000
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 8304CA15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83086212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 8308D488 4 Bytes [BE, 80, 49, 92]
.text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 8308D494 4 Bytes [66, B5, 49, 92] {MOV CH, 0x49; XCHG EDX, EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1143 8308D4D8 4 Bytes [9C, B0, 49, 92] {PUSHF ; MOV AL, 0x49; XCHG EDX, EAX}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1153 8308D4E8 4 Bytes [88, 8C, 49, 92]
.text ntkrnlpa.exe!KeRemoveQueueEx + 116F 8308D504 4 Bytes [8C, BB, 49, 92]
.text ...
---- User code sections - GMER 2.1 ----
.text C:\Program Files\LSI SoftModem\agrsmsvc.exe[1120] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\system32\notepad.exe[1148] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[1360] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[1360] WS2_32.dll!WahWriteLSPEvent 7704145D 1 Byte [E9]
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe[1360] WS2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Windows\system32\taskhost.exe[1436] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\system32\svchost.exe[1560] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[1788] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\system32\Dwm.exe[1940] kernel32.dll!Process32NextW + 3 753B00C5 2 Bytes [40, FE]
.text C:\Windows\System32\spoolsv.exe[1996] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\system32\svchost.exe[2024] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2076] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe[2076] WS2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtCreateFile + 6 76F2560E 4 Bytes [28, 9C, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtCreateFile + B 76F25613 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtMapViewOfSection + 6 76F25C6E 4 Bytes [28, 9F, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtMapViewOfSection + B 76F25C73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenFile + 6 76F25D1E 4 Bytes [68, 9C, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenFile + B 76F25D23 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcess + 6 76F25DCE 4 Bytes [A8, 9D, 3B, 00] {TEST AL, 0x9d; CMP EAX, [EAX]}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcess + B 76F25DD3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessToken + 6 76F25DDE 4 Bytes CALL 75F29980 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessToken + B 76F25DE3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessTokenEx + 6 76F25DEE 4 Bytes [A8, 9E, 3B, 00] {TEST AL, 0x9e; CMP EAX, [EAX]}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenProcessTokenEx + B 76F25DF3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThread + 6 76F25E4E 4 Bytes [68, 9D, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThread + B 76F25E53 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadToken + 6 76F25E5E 4 Bytes [68, 9E, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadToken + B 76F25E63 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadTokenEx + 6 76F25E6E 4 Bytes CALL 75F29A11 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtOpenThreadTokenEx + B 76F25E73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryAttributesFile + 6 76F25F7E 4 Bytes [A8, 9C, 3B, 00] {TEST AL, 0x9c; CMP EAX, [EAX]}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryAttributesFile + B 76F25F83 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryFullAttributesFile + 6 76F2602E 4 Bytes CALL 75F29BCF C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtQueryFullAttributesFile + B 76F26033 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationFile + 6 76F2667E 4 Bytes [28, 9D, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationFile + B 76F26683 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationThread + 6 76F266DE 4 Bytes [28, 9E, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtSetInformationThread + B 76F266E3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtUnmapViewOfSection + 6 76F269FE 4 Bytes [68, 9F, 3B, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2128] ntdll.dll!NtUnmapViewOfSection + B 76F26A03 1 Byte [E2]
.text C:\Windows\system32\svchost.exe[2144] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2268] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtCreateFile + 6 76F2560E 4 Bytes [28, 34, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtCreateFile + B 76F25613 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtMapViewOfSection + 6 76F25C6E 4 Bytes [28, 37, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtMapViewOfSection + B 76F25C73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenFile + 6 76F25D1E 4 Bytes [68, 34, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenFile + B 76F25D23 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcess + 6 76F25DCE 4 Bytes [A8, 35, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcess + B 76F25DD3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessToken + 6 76F25DDE 4 Bytes CALL 75F32918 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessToken + B 76F25DE3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessTokenEx + 6 76F25DEE 4 Bytes [A8, 36, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessTokenEx + B 76F25DF3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThread + 6 76F25E4E 4 Bytes [68, 35, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThread + B 76F25E53 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadToken + 6 76F25E5E 4 Bytes [68, 36, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadToken + B 76F25E63 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadTokenEx + 6 76F25E6E 4 Bytes CALL 75F329A9 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadTokenEx + B 76F25E73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryAttributesFile + 6 76F25F7E 4 Bytes [A8, 34, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryAttributesFile + B 76F25F83 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryFullAttributesFile + 6 76F2602E 4 Bytes CALL 75F32B67 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryFullAttributesFile + B 76F26033 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationFile + 6 76F2667E 4 Bytes [28, 35, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationFile + B 76F26683 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationThread + 6 76F266DE 4 Bytes [28, 36, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationThread + B 76F266E3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtUnmapViewOfSection + 6 76F269FE 4 Bytes [68, 37, CB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtUnmapViewOfSection + B 76F26A03 1 Byte [E2]
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2500] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe[2500] WS2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2580] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2592] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2592] WS2_32.dll!WahWriteLSPEvent 7704145D 1 Byte [E9]
.text C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[2592] WS2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[2616] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2764] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Citrix\ICA Client\concentr.exe[2792] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Citrix\ICA Client\concentr.exe[2792] WS2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Windows\System32\igfxtray.exe[2804] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Citrix\Receiver\Receiver.exe[3004] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\System32\hkcmd.exe[3028] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\System32\igfxpers.exe[3056] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\System32\svchost.exe[3096] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtCreateFile + 6 76F2560E 4 Bytes [28, 20, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtCreateFile + B 76F25613 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtMapViewOfSection + 6 76F25C6E 4 Bytes [28, 23, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtMapViewOfSection + B 76F25C73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenFile + 6 76F25D1E 4 Bytes [68, 20, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenFile + B 76F25D23 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenProcess + 6 76F25DCE 4 Bytes [A8, 21, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenProcess + B 76F25DD3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenProcessToken + 6 76F25DDE 4 Bytes CALL 75F2DF04 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenProcessToken + B 76F25DE3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenProcessTokenEx + 6 76F25DEE 4 Bytes [A8, 22, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenProcessTokenEx + B 76F25DF3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenThread + 6 76F25E4E 4 Bytes [68, 21, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenThread + B 76F25E53 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenThreadToken + 6 76F25E5E 4 Bytes [68, 22, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenThreadToken + B 76F25E63 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenThreadTokenEx + 6 76F25E6E 4 Bytes CALL 75F2DF95 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtOpenThreadTokenEx + B 76F25E73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtQueryAttributesFile + 6 76F25F7E 4 Bytes [A8, 20, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtQueryAttributesFile + B 76F25F83 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtQueryFullAttributesFile + 6 76F2602E 4 Bytes CALL 75F2E153 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtQueryFullAttributesFile + B 76F26033 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtSetInformationFile + 6 76F2667E 4 Bytes [28, 21, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtSetInformationFile + B 76F26683 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtSetInformationThread + 6 76F266DE 4 Bytes [28, 22, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtSetInformationThread + B 76F266E3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtUnmapViewOfSection + 6 76F269FE 4 Bytes [68, 23, 81, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3132] ntdll.dll!NtUnmapViewOfSection + B 76F26A03 1 Byte [E2]
.text C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3732] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe[3924] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe[3924] WS2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtCreateFile + 6 76F2560E 4 Bytes [28, 50, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtCreateFile + B 76F25613 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtMapViewOfSection + 6 76F25C6E 4 Bytes [28, 53, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtMapViewOfSection + B 76F25C73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenFile + 6 76F25D1E 4 Bytes [68, 50, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenFile + B 76F25D23 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenProcess + 6 76F25DCE 4 Bytes [A8, 51, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenProcess + B 76F25DD3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenProcessToken + 6 76F25DDE 4 Bytes CALL 75F34734 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenProcessToken + B 76F25DE3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenProcessTokenEx + 6 76F25DEE 4 Bytes [A8, 52, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenProcessTokenEx + B 76F25DF3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenThread + 6 76F25E4E 4 Bytes [68, 51, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenThread + B 76F25E53 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenThreadToken + 6 76F25E5E 4 Bytes [68, 52, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenThreadToken + B 76F25E63 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenThreadTokenEx + 6 76F25E6E 4 Bytes CALL 75F347C5 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtOpenThreadTokenEx + B 76F25E73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtQueryAttributesFile + 6 76F25F7E 4 Bytes [A8, 50, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtQueryAttributesFile + B 76F25F83 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtQueryFullAttributesFile + 6 76F2602E 4 Bytes CALL 75F34983 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtQueryFullAttributesFile + B 76F26033 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtSetInformationFile + 6 76F2667E 4 Bytes [28, 51, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtSetInformationFile + B 76F26683 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtSetInformationThread + 6 76F266DE 4 Bytes [28, 52, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtSetInformationThread + B 76F266E3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtUnmapViewOfSection + 6 76F269FE 4 Bytes [68, 53, E9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[3944] ntdll.dll!NtUnmapViewOfSection + B 76F26A03 1 Byte [E2]
.text C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[4272] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Users\Acer\Downloads\et08iymj.exe[4312] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe[4368] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe[4440] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe[4440] ws2_32.dll!WahWriteLSPEvent 7704145D 1 Byte [E9]
.text C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe[4440] ws2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe[4636] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4720] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[4932] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Users\Acer\Downloads\FRST.exe[5000] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Users\Acer\Downloads\FRST.exe[5000] WS2_32.dll!connect 77046BDD 1 Byte [E9]
.text C:\Windows\system32\svchost.exe[5264] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Windows\System32\svchost.exe[5600] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtCreateFile + 6 76F2560E 4 Bytes [28, C0, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtCreateFile + B 76F25613 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtMapViewOfSection + 6 76F25C6E 4 Bytes [28, C3, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtMapViewOfSection + B 76F25C73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenFile + 6 76F25D1E 4 Bytes [68, C0, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenFile + B 76F25D23 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenProcess + 6 76F25DCE 4 Bytes [A8, C1, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenProcess + B 76F25DD3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenProcessToken + 6 76F25DDE 4 Bytes CALL 75F307A4 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenProcessToken + B 76F25DE3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenProcessTokenEx + 6 76F25DEE 4 Bytes [A8, C2, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenProcessTokenEx + B 76F25DF3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenThread + 6 76F25E4E 4 Bytes [68, C1, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenThread + B 76F25E53 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenThreadToken + 6 76F25E5E 4 Bytes [68, C2, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenThreadToken + B 76F25E63 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenThreadTokenEx + 6 76F25E6E 4 Bytes CALL 75F30835 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtOpenThreadTokenEx + B 76F25E73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtQueryAttributesFile + 6 76F25F7E 4 Bytes [A8, C0, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtQueryAttributesFile + B 76F25F83 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtQueryFullAttributesFile + 6 76F2602E 4 Bytes CALL 75F309F3 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtQueryFullAttributesFile + B 76F26033 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtSetInformationFile + 6 76F2667E 4 Bytes [28, C1, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtSetInformationFile + B 76F26683 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtSetInformationThread + 6 76F266DE 4 Bytes [28, C2, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtSetInformationThread + B 76F266E3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtUnmapViewOfSection + 6 76F269FE 4 Bytes [68, C3, A9, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5776] ntdll.dll!NtUnmapViewOfSection + B 76F26A03 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtCreateFile + 6 76F2560E 4 Bytes [28, B4, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtCreateFile + B 76F25613 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtMapViewOfSection + 6 76F25C6E 4 Bytes [28, B7, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtMapViewOfSection + B 76F25C73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenFile + 6 76F25D1E 4 Bytes [68, B4, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenFile + B 76F25D23 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenProcess + 6 76F25DCE 4 Bytes [A8, B5, CD, 00] {TEST AL, 0xb5; INT 0x0}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenProcess + B 76F25DD3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenProcessToken + 6 76F25DDE 4 Bytes CALL 75F32B98 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenProcessToken + B 76F25DE3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenProcessTokenEx + 6 76F25DEE 4 Bytes [A8, B6, CD, 00] {TEST AL, 0xb6; INT 0x0}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenProcessTokenEx + B 76F25DF3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenThread + 6 76F25E4E 4 Bytes [68, B5, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenThread + B 76F25E53 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenThreadToken + 6 76F25E5E 4 Bytes [68, B6, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenThreadToken + B 76F25E63 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenThreadTokenEx + 6 76F25E6E 4 Bytes CALL 75F32C29 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtOpenThreadTokenEx + B 76F25E73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtQueryAttributesFile + 6 76F25F7E 4 Bytes [A8, B4, CD, 00] {TEST AL, 0xb4; INT 0x0}
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtQueryAttributesFile + B 76F25F83 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtQueryFullAttributesFile + 6 76F2602E 4 Bytes CALL 75F32DE7 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtQueryFullAttributesFile + B 76F26033 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtSetInformationFile + 6 76F2667E 4 Bytes [28, B5, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtSetInformationFile + B 76F26683 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtSetInformationThread + 6 76F266DE 4 Bytes [28, B6, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtSetInformationThread + B 76F266E3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtUnmapViewOfSection + 6 76F269FE 4 Bytes [68, B7, CD, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5872] ntdll.dll!NtUnmapViewOfSection + B 76F26A03 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtCreateFile + 6 76F2560E 4 Bytes [28, 90, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtCreateFile + B 76F25613 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtMapViewOfSection + 6 76F25C6E 4 Bytes [28, 93, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtMapViewOfSection + B 76F25C73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenFile + 6 76F25D1E 4 Bytes [68, 90, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenFile + B 76F25D23 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenProcess + 6 76F25DCE 4 Bytes [A8, 91, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenProcess + B 76F25DD3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenProcessToken + 6 76F25DDE 4 Bytes CALL 75F35974 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenProcessToken + B 76F25DE3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenProcessTokenEx + 6 76F25DEE 4 Bytes [A8, 92, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenProcessTokenEx + B 76F25DF3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenThread + 6 76F25E4E 4 Bytes [68, 91, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenThread + B 76F25E53 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenThreadToken + 6 76F25E5E 4 Bytes [68, 92, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenThreadToken + B 76F25E63 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenThreadTokenEx + 6 76F25E6E 4 Bytes CALL 75F35A05 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtOpenThreadTokenEx + B 76F25E73 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtQueryAttributesFile + 6 76F25F7E 4 Bytes [A8, 90, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtQueryAttributesFile + B 76F25F83 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtQueryFullAttributesFile + 6 76F2602E 4 Bytes CALL 75F35BC3 C:\Windows\system32\SHELL32.dll
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtQueryFullAttributesFile + B 76F26033 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtSetInformationFile + 6 76F2667E 4 Bytes [28, 91, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtSetInformationFile + B 76F26683 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtSetInformationThread + 6 76F266DE 4 Bytes [28, 92, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtSetInformationThread + B 76F266E3 1 Byte [E2]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtUnmapViewOfSection + 6 76F269FE 4 Bytes [68, 93, FB, 00]
.text C:\Program Files\Google\Chrome\Application\chrome.exe[5972] ntdll.dll!NtUnmapViewOfSection + B 76F26A03 1 Byte [E2]
.text C:\Windows\system32\notepad.exe[5992] ntdll.dll!NtLoadDriver + 8 76F25BA0 2 Bytes [89, FC] {MOV ESP, EDI}
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
---- EOF - GMER 2.1 ---- Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-11-2013
Ran by Acer at 2013-11-19 12:38:53
Running from C:\Users\Acer\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958)
Acer eAudio Management (Version: 3.0.3007)
Acer eDataSecurity Management (Version: 3.0.3060)
Acer Empowering Technology (Version: 3.0.3006)
Acer ePower Management (Version: 3.0.3008)
Acer eRecovery Management (Version: 3.0.3013)
Acer Mobility Center Plug-In (Version: 3.0.3000)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 1.12.0506)
Acer System Information (Version: 1.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 9.5.5 - Deutsch (Version: 9.5.5)
Agere Systems HDA Modem
Alt.Binz 0.39.4 (Version: 0.39.4)
Atheros WiFi Driver Installation (Version: 3.0)
Bitdefender Internet Security 2013 (Version: 16.34.0.1913)
Broadcom Gigabit Integrated Controller (Version: 11.11.03)
CDBurnerXP (Version: 4.5.2.4255)
Choice Guard (Version: 1.2.87.0)
Citrix Access Gateway Endpoint Analysis (Version: 10.0.74.4)
Citrix Authentication Manager (Version: 4.0.0.53726)
Citrix Receiver (DV) (Version: 13.4.0.25)
Citrix Receiver (HDX Flash-Umleitung) (Version: 13.4.0.25)
Citrix Receiver (USB) (Version: 13.4.0.25)
Citrix Receiver (Version: 13.4.0.25)
Citrix Receiver Inside (Version: 3.4.0.29585)
Citrix Receiver Updater (Version: 3.4.0.29577)
Citrix Receiver(Aero) (Version: 13.4.0.25)
com! Update Pack Builder 5.0.7
Driver Genius (Version: 12.0)
Google Chrome (Version: 31.0.1650.57)
Google Update Helper (Version: 1.3.21.165)
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology (Version: 11.0.0.1032)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JDownloader 0.9 (Version: 0.9)
JMicron JMB38X Flash Media Controller (Version: 1.00.10.04)
Joulemeter (Version: 1.2.0)
Junk Mail filter update (Version: 14.0.8050.1202)
LightScribe 1.4.142.1 (Version: 1.4.142.1)
LSI HDA Modem (Version: 2.2.96)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office XP Media Content (Version: 10.0.2619.0)
Microsoft Office XP Professional (Version: 10.0.2701.01)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0822)
Mobistel_Cynus F3 Drivers(x86) (Version: 2.00)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTI Backup Now 5 (Version: 5.1.2.503)
NTI Backup Now Standard (Version: 5.1.2.503)
NTI Media Maker 8 (Version: 8.0.2.6322)
Online Plug-in (Version: 13.4.0.25)
Realtek High Definition Audio Driver (Version: 6.0.1.6804)
Self-Service Plug-in (Version: 3.4.0.33684)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy (Version: 2.2.25)
Synaptics Pointing Device Driver (Version: 15.0.6.0)
TomTom HOME (Version: 2.9.6)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.55)
TuneUp Utilities 2014 (Version: 14.0.1000.107)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4.5 (KB2750147) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Word 2007 (KB974631)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VirtualCloneDrive (Version: 5.4.7.0)
VLC media player 2.0.8 (Version: 2.0.8)
Winbond CIR Device Drivers (Version: 7.60.1012)
Windows Live Anmelde-Assistent (Version: 5.000.817.1)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
==================== Restore Points =========================
11-11-2013 17:57:38 Windows Update
11-11-2013 20:57:48 Windows Update
14-11-2013 06:04:24 Windows Update
14-11-2013 06:40:42 Windows Update
19-11-2013 10:21:08 Installed Joulemeter
==================== Hosts content: ==========================
2006-11-02 11:23 - 2013-11-09 11:27 - 00000790 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.driver-soft.com
==================== Scheduled Tasks (whitelisted) =============
Task: {045320C2-FC7D-4084-BAA9-F21EC6B8143A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {0746CCD4-8F89-4B18-B11F-F1C66B8916CA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software)
Task: {0B80D332-7429-462B-B7CC-7E1054D3C469} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2862F6D4-9FD8-4442-B629-C8CCC9452860} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-25] (Google Inc.)
Task: {3DFD0124-98BF-4D59-9D3B-E1D99581E21F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {484DD0BD-30EE-4BFD-8E35-D072FD49B569} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {AA14603B-F3CC-4438-A0BD-C129A17F572D} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2013-11-04] ()
Task: {CA28D09D-76DB-4441-9220-60BAF9E69A3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-25] (Google Inc.)
Task: {CDF71DB9-6098-4C72-9498-F752FA927383} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {F282E337-1A3D-4DD7-8652-BC44AB8EF321} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
==================== Loaded Modules (whitelisted) =============
2013-05-08 14:51 - 2013-05-08 14:51 - 00019056 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll
2013-11-15 17:48 - 2013-08-07 18:51 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll
2013-11-15 17:48 - 2012-04-27 16:08 - 00093040 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll
2013-11-17 11:44 - 2013-11-14 12:28 - 00702416 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-17 11:44 - 2013-11-14 12:28 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-17 11:45 - 2013-11-14 12:29 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-17 11:53 - 2013-11-14 12:29 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-17 11:41 - 2013-11-14 12:28 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Acer\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Acer\Downloads\et08iymj.exe:BDU
AlternateDataStreams: C:\Users\Acer\Downloads\FRST.exe:BDU
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/19/2013 00:20:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/19/2013 11:09:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/19/2013 10:45:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/18/2013 10:33:34 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: MSONSEXT.DLL, Version: 10.145.3810.0, Zeitstempel: 0x3a8524e8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004f5b7
ID des fehlerhaften Prozesses: 0x1f64
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Error: (11/18/2013 10:33:17 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: pkmws.dll, Version: 10.145.3722.0, Zeitstempel: 0x3a6c1885
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a27d
ID des fehlerhaften Prozesses: 0x16c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (11/18/2013 08:33:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/18/2013 07:16:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/17/2013 07:59:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/17/2013 10:39:30 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: MSONSEXT.DLL, Version: 10.145.3810.0, Zeitstempel: 0x3a8524e8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004ff35
ID des fehlerhaften Prozesses: 0x180
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (11/17/2013 10:38:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (11/19/2013 00:18:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/19/2013 00:18:31 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (11/19/2013 00:16:59 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 19.11.2013 um 12:14:46 unerwartet heruntergefahren.
Error: (11/18/2013 08:33:06 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/18/2013 08:33:06 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (11/17/2013 10:48:11 AM) (Source: Microsoft-Windows-Application-Experience) (User: NT-AUTORITÄT)
Description: Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht initialisieren.
Error: (11/16/2013 09:39:48 PM) (Source: Microsoft-Windows-Application-Experience) (User: NT-AUTORITÄT)
Description: Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht initialisieren.
Error: (11/16/2013 09:39:48 PM) (Source: Microsoft-Windows-Application-Experience) (User: NT-AUTORITÄT)
Description: Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht initialisieren.
Error: (11/16/2013 10:35:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/16/2013 10:35:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2012-04-27 15:11:06.279
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-04-27 15:11:06.024
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 3000.86 MB
Available physical RAM: 1774.09 MB
Total Pagefile: 6000.02 MB
Available Pagefile: 4250.28 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.04 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:142.69 GB) (Free:91.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:142.7 GB) (Free:127.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: EE02EA24)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=143 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=143 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |