Operating system does not boot

#2
19.12.2008, 13:02
Member
Posts: 4730

You can try performing a repair installation (not via the Recovery Console). To do this, boot from the WinXP CD and go to "Install Windows"; setup should then find an existing installation and offer to perform a repair installation. If the Windows XP you installed was one with Service Pack X (1, 2 or 3), you may have to create a matching installation CD with the service pack. Instructions for that are here:
http://www.hardwareecke.de/berichte/windows/winxp_sp2_boot_1.php (SP2)
http://www.wintotal.de/Artikel/winxpsp3cd/winxpsp3cd.php (SP3)
__________
This is a signature! Personal service: You are from Berlin? Then contact me by PM, and we may be able to arrange an appointment. Der Grabsteinschubser

#0
19.12.2008, 11:34
...new here
Posts: 1

I am new here and have the following serious problem:
My desktop PC (Win XP) does not boot, i.e. it runs up to the point where something like "Press Del or F1 to enter Setup" is displayed.
After that a black screen with an input prompt appears.
However, I cannot type anything, i.e. it does not accept letters or anything else.
Do you have to press % or something similar first?
I also tried "Boot from CD" via the BIOS, but that did not work.
Could that be because I have two CD/DVD drives?
Background:
"Spybot" had detected a backdoor trojan:
win32/ciadoor.cj
I believe the two entries were deleted by "Spybot", but I did not know whether it had already settled into the system.
Yesterday I ran "McAfeeRootkitDetective", which found various suspected "hooks".
The report read as follows:
McAfee(R) Rootkit Detective 1.1 scan report
On 18-12-2008 at 21:41:14
OS-Version 5.1.2600
Service Pack 3.0
PID: 1564
Details: Import : Function : NETAPI32.dll:KERNEL32.dll!LoadLibraryA Should be : KERNEL32.dll:10002330 But is : C:\WINDOWS\system32\kernel32.dll:7C801D7B
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: IAT/EAT-hook
PID: 1564
Details: Import : Function : NETAPI32.dll:KERNEL32.dll!LoadLibraryW Should be : KERNEL32.dll:10002300 But is : C:\WINDOWS\system32\kernel32.dll:7C80AEDB
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: IAT/EAT-hook
PID: 1564
Details: Import : Function : WINHTTP.dll:KERNEL32.dll!LoadLibraryA Should be : KERNEL32.dll:10002330 But is : C:\WINDOWS\system32\kernel32.dll:7C801D7B
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: IAT/EAT-hook
PID: 1564
Details: Import : Function : WINHTTP.dll:KERNEL32.dll!LoadLibraryW Should be : KERNEL32.dll:10002300 But is : C:\WINDOWS\system32\kernel32.dll:7C80AEDB
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: IAT/EAT-hook
PID: 1564
Details: Import : Function : PGPmapih.dll:KERNEL32.dll!LoadLibraryA Should be : KERNEL32.dll:10002330 But is : C:\WINDOWS\system32\kernel32.dll:7C801D7B
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: IAT/EAT-hook
PID: 1564
Details: Import : Function : PGPmapih.dll:KERNEL32.dll!LoadLibraryW Should be : KERNEL32.dll:10002300 But is : C:\WINDOWS\system32\kernel32.dll:7C80AEDB
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: IAT/EAT-hook
PID: 1564
Details: Import : Function : Explorer.EXE:KERNEL32.dll!LoadLibraryW Should be : KERNEL32.dll:10002300 But is : C:\WINDOWS\system32\kernel32.dll:7C80AEDB
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: IAT/EAT-hook
PID: 1564
Details: Import : Function : Explorer.EXE:KERNEL32.dll!LoadLibraryA Should be : KERNEL32.dll:10002330 But is : C:\WINDOWS\system32\kernel32.dll:7C801D7B
Object-Path: C:\WINDOWS\system32\kernel32.dll
Status: Hooked
Object-Type: Process
Object-Name: System Idle Process
Pid: 0
Object-Path:
Status: Visible
Object-Type: Process
Object-Name: spoolsv.exe
Pid: 1024
Object-Path: C:\WINDOWS\system32\spoolsv.exe
Status: Visible
Object-Type: Process
Object-Name: atiptaxx.exe
Pid: 1800
Object-Path: C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
Status: Visible
Object-Type: Process
Object-Name: lsass.exe
Pid: 560
Object-Path: C:\WINDOWS\system32\lsass.exe
Status: Visible
Object-Type: Process
Object-Name: LwbWheel.exe
Pid: 1832
Object-Path: C:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
Status: Visible
Object-Type: Process
Object-Name: acrotray.exe
Pid: 1988
Object-Path: C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
Status: Visible
Object-Type: Process
Object-Name: Rootkit_Detecti
Pid: 2608
Object-Path: L:\Rootkit_Detective.exe
Status: Visible
Object-Type: Process
Object-Name: winlogon.exe
Pid: 500
Object-Path: C:\WINDOWS\system32\winlogon.exe
Status: Visible
Object-Type: Process
Object-Name: System
Pid: 4
Object-Path:
Status: Visible
Object-Type: Process
Object-Name: mdm.exe
Pid: 1400
Object-Path: C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
Status: Visible
Object-Type: Process
Object-Name: csrss.exe
Pid: 472
Object-Path: C:\WINDOWS\system32\csrss.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 1436
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: SOUNDMAN.EXE
Pid: 1808
Object-Path: C:\WINDOWS\SOUNDMAN.EXE
Status: Visible
Object-Type: Process
Object-Name: aawservice.exe
Pid: 972
Object-Path: D:\Programme\Lavasoft\Ad-Aware\aawservice.exe
Status: Visible
Object-Type: Process
Object-Name: avp.exe
Pid: 1376
Object-Path: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
Status: Visible
Object-Type: Process
Object-Name: explorer.exe
Pid: 1564
Object-Path: C:\WINDOWS\Explorer.EXE
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 760
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: ctfmon.exe
Pid: 1908
Object-Path: C:\WINDOWS\system32\ctfmon.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 700
Object-Path: C:\WINDOWS\system32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: avp.exe
Pid: 1848
Object-Path: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
Status: Visible
Object-Type: Process
Object-Name: smss.exe
Pid: 392
Object-Path: C:\WINDOWS\System32\smss.exe
Status: Visible
Object-Type: Process
Object-Name: services.exe
Pid: 548
Object-Path: C:\WINDOWS\system32\services.exe
Status: Visible
Object-Type: Process
Object-Name: htpatch.exe
Pid: 1792
Object-Path: C:\WINDOWS\htpatch.exe
Status: Visible
Object-Type: Process
Object-Name: TeaTimer.exe
Pid: 1916
Object-Path: D:\Programme\Spybot - Search & Destroy\TeaTimer.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 804
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Object-Type: Process
Object-Name: svchost.exe
Pid: 928
Object-Path: C:\WINDOWS\System32\svchost.exe
Status: Visible
Scan complete. Hidden registry keys/values: 10
----------------------------------------------------------------------------
I then stupidly treated the "SSDT-hooks" and "registry-keys" that were found with "rename".
After that I restarted, and since then I have had the problem described at the beginning:
the computer boots, but the operating system does not (which I have presumably perforated: blame on me... ;( )
I would be very grateful for any help, as I have no backups of the data on my PC (which is of course not very smart, I know...).
Many thanks in advance and
best regards,
kaonashi