01.06.2011, 23:56
|
#5 |
| |  Generic Host Process for Win32 service Absturtz nach start +kein Ton+Firewall deaktiviert
Hier ist die GMER DATEI Zitat:
GMER 1.0.15.15640 - hxxp://www.gmer.net
Rootkit scan 2011-06-02 00:55:49
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST980825 rev.3.12
Running: sxwm5wbz.exe; Driver: C:\DOKUME~1\hp\LOKALE~1\Temp\pwpyiaob.sys
---- System - GMER 1.0.15 ----
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateKey [0xF732193E]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0xF72FB0CC]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0xF72FB394]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteKey [0xF73222F8]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwDeleteValueKey [0xF7322682]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwOpenKey [0xF7320B7C]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwRenameKey [0xF7322BC6]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwSetValueKey [0xF7321CFC]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwTerminateProcess [0xF72FAB3C]
---- Kernel code sections - GMER 1.0.15 ----
init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xF619DEBF]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
|
|
Baum-Darstellung