Code:
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 008D46C2
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 008D4684
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 008D4651
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 008D36FF
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 008D39DE
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 008D39DE
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 008D36FF
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 008D39DE
IAT C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE[1516] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 008D4730
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 008A4730
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 008A46C2
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 008A4684
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 008A4651
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 008A39DE
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 008A36FF
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 008A39DE
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 008A36FF
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 008A39DE
IAT C:\WINDOWS\system32\nvsvc32.exe[1536] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 008A4730
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00884730
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 008846C2
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00884684
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 00884651
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 008836FF
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 008839DE
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 008839DE
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 008836FF
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 008839DE
IAT C:\WINDOWS\system32\svchost.exe[1620] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00884730
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00644730
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 006446C2
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00644684
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 00644651
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!TranslateMessage] 006439DE
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\shell32.dll [USER32.dll!GetClipboardData] 006436FF
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 006439DE
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 006436FF
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 006439DE
IAT C:\WINDOWS\system32\wdfmgr.exe[1660] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 00644730
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\Explorer.EXE [USER32.dll!TranslateMessage] 018C39DE
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 018C4730
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 018C46C2
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 018C4684
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateThread] 018C4651
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!GetClipboardData] 018C36FF
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\ole32.dll [USER32.dll!TranslateMessage] 018C39DE
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 018C39DE
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TranslateMessage] 018C39DE
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetClipboardData] 018C36FF
IAT C:\WINDOWS\Explorer.EXE[1960] @ C:\WINDOWS\system32\WS2HELP.dll [ntdll.dll!NtQueryDirectoryFile] 018C4730
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 sfsync04.sys (FrontLine Synchronization Driver/Protection Technology (StarForce))
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sfsync04.sys (FrontLine Synchronization Driver/Protection Technology (StarForce))
Device \Driver\atapi \Device\Ide\IdePort0 sfsync04.sys (FrontLine Synchronization Driver/Protection Technology (StarForce))
Device \Driver\atapi \Device\Ide\IdePort1 sfsync04.sys (FrontLine Synchronization Driver/Protection Technology (StarForce))
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f sfsync04.sys (FrontLine Synchronization Driver/Protection Technology (StarForce))
Device \Driver\USBSTOR \Device\0000006d sfsync04.sys (FrontLine Synchronization Driver/Protection Technology (StarForce))
Device \Driver\USBSTOR \Device\0000006e sfsync04.sys (FrontLine Synchronization Driver/Protection Technology (StarForce))
---- Threads - GMER 1.0.15 ----
Thread winlogon.exe [608:1980] 011A3BB3
Thread winlogon.exe [608:1984] 011AD331
Thread svchost.exe [856:1988] 0077EE3C
Thread svchost.exe [856:2040] 0077D331
Thread svchost.exe [856:176] 0077BC2E
Thread svchost.exe [856:1948] 00776361
Thread svchost.exe [856:1952] 0077B480
Thread svchost.exe [856:1956] 0077B10A
Thread svchost.exe [856:1968] 0077F49A
Thread svchost.exe [856:1972] 00774119
---- Files - GMER 1.0.15 ----
File C:\WINDOWS\system32\ntos.exe 466944 bytes executable
File C:\WINDOWS\system32\wsnpoem 0 bytes
File C:\WINDOWS\system32\wsnpoem\audio(2)(2).dll 1424038 bytes
File C:\WINDOWS\system32\wsnpoem\audio(2)(3).dll 1417434 bytes
File C:\WINDOWS\system32\wsnpoem\audio(2)(4).dll 7116 bytes
File C:\WINDOWS\system32\wsnpoem\audio(2)(5).dll 35781 bytes
File C:\WINDOWS\system32\wsnpoem\audio(3)(2).dll 1423700 bytes
File C:\WINDOWS\system32\wsnpoem\audio(3)(3).dll 1417299 bytes
File C:\WINDOWS\system32\wsnpoem\audio(4)(2).dll 1417549 bytes
File C:\WINDOWS\system32\wsnpoem\audio.dll 100587 bytes
File C:\WINDOWS\system32\wsnpoem\audio.dll.cla 4981 bytes
File C:\WINDOWS\system32\wsnpoem\video.dll 61011 bytes
---- EOF - GMER 1.0.15 ----
Regards...