Home » Viren, Trojaner & Malware Forum » Generic Host Process for Win32 Services beendet Internetconnection » Themenansicht
Generic Host Process for Win32 Services beendet Internetconnection |
||
|---|---|---|
| #0
| ||
|
13.08.2006, 19:01
Ehrenmitglied
 Beiträge: 29434 |
||
 
|
|
|
|
13.08.2006, 19:05
Ehrenmitglied
Beiträge: 29434 |
#17
DonSchmitzo
1. das anwenden http://virus-protect.org/windsdoorcleaner.html 2. Start - Einstellungen - Systemsteuerung - Verwaltung - Computerverwaltung - und dann den Eintrag Dienste auswählen Automatische Updates Aktiviert den Download und die Installation von Windows-Updates. Wenn dieser Dienst deaktiviert wird, kann weder die automatische Updatefunktionalität noch die Windows Update-Website verwendet werden. Ausführende Datei: \WINDOWS\System32\svchost.exe -k netsvcs Startarten: Manuell, automatisch, deaktiviert Standard-Einstellung: Automatisch __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
13.08.2006, 19:24
...neu hier
Beiträge: 5 |
#18
Im übrigen haben wir genau dasselbe Problem, seit gestern halb 10. Wir warten aber erstmal ab, ob die Problemlösungen bei den anderen funktionieren
|
|
|
|
|
|
|
13.08.2006, 20:18
...neu hier
Beiträge: 6 |
#19
Also ich habe die Q17 entfernt und auch die IPs aus meinen Internetverbindungseinstellungen. Aber das Problem besteht weiterhin, leider.
 Den F-Secure Scan kann nicht nicht beenden weil die Internetverbindung immer vorher abbricht. dennoch der Bericht: Scanning Report Sunday, August 13, 2006 19:42:24 - 20:07:46 Computer name: CHRIS Scanning type: Scan system for viruses, rootkits, spyware Target: C:\ D:\ E:\ F:\ G:\ H:\ Result: 4 malware found Possible Browser Hijack attempt (spyware) * System Tracking Cookie (spyware) * System (Disinfected) * System * System (Submitted) Statistics Scanned: * Files: 24821 * System: 3877 * Not scanned: 2 Actions: * Disinfected: 1 * Renamed: 0 * Deleted: 0 * None: 3 * Submitted: 1 Files not scanned: * C:\PAGEFILE.SYS * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Options Scanning engines: * F-Secure AVP: 6.0.171, 2006-08-13 * F-Secure Libra: 2.4.1, 2006-08-11 * F-Secure Orion: 1.2.37, 2006-08-09 * F-Secure Blacklight: 1.0.31, 0000-00-00 * F-Secure Pegasus: 1.19.0, 2006-06-05 * F-Secure Draco: 1.0.35, 2006-08-07 Scanning options: * Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX * Use Advanced heuristics Copyright © 1998-2006 Product support |Send virus sample to F-Secure F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability. Logfile of HijackThis v1.99.1 Scan saved at 20:10:05, on 13.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe D:\System\AntiVir PersonalEdition Classic\sched.exe D:\System\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE D:\Grafik\PowerDVD\PDVDServ.exe D:\System\Audio\SB Audigy 2\Surround Mixer\CTSysVol.exe D:\System\Audio\SB Audigy 2\DVDAudio\CTDVDDet.EXE C:\Programme\Microsoft IntelliType Pro\type32.exe D:\System\Daemon Tool\daemon.exe C:\Programme\Java\jre1.5.0_04\bin\jusched.exe D:\System\Logitec MX510\MouseWare\system\em_exec.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe D:\System\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\wscntfy.exe D:\Internet\ICQLite\ICQLite.exe E:\Adventure\World of Warcraft\BLASC\BLASC.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\dwwin.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Dokumente und Einstellungen\Christian\Desktop\GHPfWS\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Internet\ICQToolbar\toolbaru.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Grafik\Adobe Reader 7.0\ActiveX\AcroIEHelper.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\System\Canon PIXMA 2000\Easy-WebPrint\Toolband.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Internet\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [RemoteControl] D:\Grafik\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [CTSysVol] D:\System\Audio\SB Audigy 2\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTDVDDET] D:\System\Audio\SB Audigy 2\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\System\Daemon Tool\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [avgnt] "D:\System\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ICQ Lite] "D:\Internet\ICQLite\ICQLite.exe" -minimize O4 - HKCU\..\Run: [BLASC] "E:\Adventure\World of Warcraft\BLASC\BLASC.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - Global Startup: Adobe Reader - Schnellstart.lnk = D:\Grafik\Adobe Reader 7.0\Reader\reader_sl.exe O4 - Global Startup: NaturalColorLoad.lnk = ? O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Internet\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: Easy-WebPrint - Drucken - res://D:\System\Canon PIXMA 2000\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://D:\System\Canon PIXMA 2000\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://D:\System\Canon PIXMA 2000\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://D:\System\Canon PIXMA 2000\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\System\Office\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Internet\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Internet\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{456841A3-FD86-4F5D-A904-367E62FC61EB}: NameServer = 217.237.151.115 217.237.150.188 O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - D:\System\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - D:\System\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\System32\CTsvcCDA.exe (file missing) O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\Audio\iPod\bin\iPodService.exe also nächstes werde ich mir mal die Wiederherstellungspunkte anschauen. Vielleicht bringt es was das System auf letzte Woche wo ich das Prob nicht hatte zurückroll zu lassen. |
|
|
|
|
|
|
13.08.2006, 20:22
...neu hier
Beiträge: 2 |
#20
Ich hab das Problem auch seit gestern Abend,
ich bin jetzt 1 stunde ohne Fehler Online ich hoffe es bleibt so Hoffe ihr findet eine lösung
|
|
|
|
|
|
|
13.08.2006, 20:33
...neu hier
Beiträge: 3 |
#21
Hallo,
vorab: bin brand-new hier und habe leider auch keine ahnung von meinem laptop, wenn´s an software, system etc. geht. Leider habe ich exakt das gleiche problem. ist das denn nun eigentlich ein virus? oder ist das jetzt schon eine total blöde frage??? also, habe die beiträge gelesen und nur wirklich wenig verstanden. habe den tipp von sabina an heima befolgt und über gmer, rootkit den scan durchgeführt. Nun habe ich das ergebnis und frage mich, wie ich das hier rein kopieren kann. und soll es dann die show all variante sein; das ist ja tierisch viel! herzlichen dank im vorraus!! |
|
|
|
|
|
|
13.08.2006, 20:35
Ehrenmitglied
Beiträge: 29434 |
#22
Graf KiZz
die Internetverbindung ist schon mal o.k. 1. Windows Worms Doors Cleaner http://virus-protect.org/windsdoorcleaner.html 2. scanne mit ewido und poste den scanreport http://virus-protect.org/ewido.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
13.08.2006, 20:36
Ehrenmitglied
Beiträge: 29434 |
#23
mysty
hast du alle WindowsUpdates geladen ? wenn nein, so hole es fix nach. + zusaetzlich: http://virus-protect.org/windsdoorcleaner.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
13.08.2006, 20:37
Ehrenmitglied
Beiträge: 29434 |
#24
___sun___
fang erst mal mit dem Log vom HijackTHis an........... Hijackthis http://computercops.biz/zx/Merijn/hijackthis.zip http://virus-protect.org/hjtkurz.html Lade/entpacke HijackThis in einem Ordner --> None of the above just start the program --> Save--> Savelog -->es öffnet sich der Editor nun das KOMPLETTE Log mit rechtem Mausklick abkopieren und ins Forum mit rechtem Mausklick "einfügen" __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
13.08.2006, 21:19
...neu hier
Beiträge: 6 |
#25
Sabina Chef,
alle Aktion wie empfohlen ausgeführt. Melde gehorsamst folgenden Bericht: --------------------------------------------------------- ewido anti-spyware - Scan-Bericht --------------------------------------------------------- + Erstellt um: 21:16:10 13.08.2006 + Scan-Ergebnis: C:\RECYCLER\S-1-5-21-776561741-1078081533-725345543-1003\DC2.0XE -> Downloader.Small.tc : Mit Backup gesäubert (unter Quarantäne gestellt). C:\Dokumente und Einstellungen\Christian\Cookies\christian@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Gesäubert. :mozilla.18:C:\Dokumente und Einstellungen\Christian\Anwendungsdaten\Mozilla\Firefox\Profiles\5qqyyn9a.default\cookies.txt -> TrackingCookie.71i : Gesäubert. :mozilla.44:C:\Dokumente und Einstellungen\Christian\Anwendungsdaten\Mozilla\Firefox\Profiles\5qqyyn9a.default\cookies.txt -> TrackingCookie.Adition : Gesäubert. edit Ob ich jetzt gut schlafen kann? |
|
|
|
|
|
|
13.08.2006, 21:40
Ehrenmitglied
Beiträge: 29434 |
#26
Graf KiZz
im Grunde muesste nun alles wieder o.k. sein. ueberpruefe, wenn die Meldung wieder kommt, die Ports und kopiere den Text ab http://virus-protect.org/artikel/tools/icesword.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
13.08.2006, 21:51
...neu hier
Beiträge: 3 |
#27
So, nachdem ich mal wieder alles runterfahren musste, wg. eben dieses Fehlers, habe ich Deine Anweisungen befolgt. Hier die Kopie:
Logfile of HijackThis v1.99.1 Scan saved at 21:39:58, on 13.08.2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\System32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\AGRSMMSG.exe C:\Programme\Apoint2K\Apoint.exe C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Gemeinsame Dateien\G DATA\AVKTray\AVKTray.exe C:\Programme\T-Online\DSL-Manager\TODslMgr.exe C:\Programme\BearShare\BearShare.exe C:\Programme\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\System32\ctfmon.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Microsoft ActiveSync\wcescomm.exe C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Programme\Apoint2K\Apntex.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe C:\Programme\AntiVirusProfiPaket\AVKService.exe C:\Programme\AntiVirusProfiPaket\AVKWCtl.exe C:\Programme\Cisco Systems\VPN Client\cvpnd.exe C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe C:\Programme\T-Online\DSL-Manager\TODslSvc.exe C:\PROGRAMME\INTERNET EXPLORER\IEXPLORE.EXE C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE C:\Dokumente und Einstellungen\Pascale\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe C:\WINDOWS\System32\svchost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.1und1.de/xml/config/Login;jsessionid=C3FFB30BBB1D115ADD7CEF367D52077C.TC42b?__frame=_top O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [ALDI_SUED_FotoSuite_Download] "C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\FotoSuite.exe" /autorun O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVKTray] "C:\Programme\Gemeinsame Dateien\G DATA\AVKTray\AVKTray.exe" O4 - HKLM\..\Run: [T-Online DSL-Manager] "C:\Programme\T-Online\DSL-Manager\TODslMgr.exe" O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Programme\Cisco Systems\VPN Client\vpngui.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\spacklsp.dll O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-12.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143116046903 O16 - DPF: {7CD66D2D-8AB1-4F3A-9133-F7BE30A27498} - https://www.openbc.com/sync/index.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://cm4all01.kundenserver.de/app/static/activex/msxml4.cab O16 - DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} (aldisued-fotos-druck_de_bilduebertragung) - http://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{8C44CCA6-9918-4170-A20B-47F115EA55B4}: NameServer = 217.237.151.225 217.237.150.225 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AVKProxy - G DATA Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Programme\AntiVirusProfiPaket\AVKService.exe O23 - Service: AVK Wächter (AVKWCtl) - Unknown owner - C:\Programme\AntiVirusProfiPaket\AVKWCtl.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe O23 - Service: T-Online DSL-Manager (TODslService) - T-Systems International GmbH - C:\Programme\T-Online\DSL-Manager\TODslSvc.exe Bin gespannt auf die Antwort. Danke! |
|
|
|
|
|
|
13.08.2006, 22:05
...neu hier
Beiträge: 2 |
#28
ich hatte keine Probleme mehr nach dem Windowsupdate und bin immernoch fehlerfrei Online^^
hoffe ich konnte helfen |
|
|
|
|
|
|
13.08.2006, 23:25
Ehrenmitglied
Beiträge: 29434 |
#29
___sun___
alle WindowsUpdates laden - SP2 (falls der Rechner vorher runterfaehrt, lade SP2 von CD, wird immer wieder mal in PC.-Zeitschriften angeboten), falls dein XP das nicht erlaubt, bewege dich in Richtung Computerladen oder per Internet (mit einem anderen Rechner, klar) ...und gebe ca. 80 Euronen fuer ein XP-Home + Key aus . Die Virenkiddies machen den guten Bill Gates noch ein bisschen reicher  ...oder steig um auf Linux.+ zusaetzlich: http://virus-protect.org/windsdoorcleaner.html und C:\Programme\BearShare - solltest du deinstallieren........ __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
14.08.2006, 00:47
...neu hier
Beiträge: 5 |
#30
hier mein gmer scan:
GMER 1.0.10.10122 - http://www.gmer.net Rootkit 2006-08-13 00:43:45 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.10 ---- SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwClose SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwCreateKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwDeleteKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwDeleteValueKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwEnumerateKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwEnumerateValueKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwFlushKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwLoadKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdfsdrv.sys ZwOpenFile SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwOpenKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwQueryKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwQueryValueKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwSetValueKey SSDT \??\C:\Programme\Softwin\BitDefender9\bdrsdrv.sys ZwUnloadKey ---- Devices - GMER 1.0.10 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 86799EB0 Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 861FE0E8 Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 8679A9C0 Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 8679A9C0 Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 8679A9C0 Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 8679A9C0 Device \Driver\nvatabus \Device\00000070 IRP_MJ_CREATE 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_CREATE_NAMED_PIPE 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_CLOSEIRP_MJ_READ 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_WRITE 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_QUERY_INFORMATION 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_SET_INFORMATION 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_QUERY_EA 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_SET_EA 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_FLUSH_BUFFERS 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_QUERY_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_SET_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_DIRECTORY_CONTROL 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_FILE_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\nvatabus \Device\00000070 IRP_MJ_LOCK_CONTROL 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_CLEANUP 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_CREATE_MAILSLOT 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_QUERY_SECURITY 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_SET_SECURITY 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_POWER 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_DEVICE_CHANGE 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_QUERY_QUOTA 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_SET_QUOTA 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_PNP 8679A450 Device \Driver\nvatabus \Device\00000070 IRP_MJ_PNP_POWER 8679A450 Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 8679AC78 Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 8679AC78 Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86536730 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSEIRP_MJ_READ 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 862EA0E8 Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_PNP 862EA0E8 Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 8679AC78 Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 86536730 Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CREATE 8679AC78 Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 86536730 Device \Driver\Cdrom \Device\CdRom3 IRP_MJ_CREATE 86536730 Device \Driver\Cdrom \Device\CdRom4 IRP_MJ_CREATE 86536730 Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 863090E8 Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 863090E8 Device \Driver\00000040 \Device\0000004e IRP_MJ_SYSTEM_CONTROL [F7417EA8] sptd.sys Device \Driver\00000040 \Device\0000004e IRP_MJ_DEVICE_CHANGE [F742BA70] sptd.sys Device \Driver\00000040 \Device\0000004e IRP_MJ_PNP_POWER [F7424728] sptd.sys Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 867990E8 Device \Driver\NetBT \Device\NetBT_Tcpip_{2DE40C7C-2DB1-47BE-B994-8E759B2E8837} IRP_MJ_CREATE 863090E8 Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_CREATE 867990E8 Device \Driver\NetBT \Device\NetBT_Tcpip_{43358609-8686-49CA-A6BD-432AF4ED20CE} IRP_MJ_CREATE 863090E8 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_NAMED_PIPE 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLOSEIRP_MJ_READ 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_WRITE 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_EA 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_EA 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FLUSH_BUFFERS 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DIRECTORY_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_FILE_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_LOCK_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CLEANUP 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_CREATE_MAILSLOT 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_SECURITY 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_SECURITY 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_POWER 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_DEVICE_CHANGE 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_QUERY_QUOTA 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_SET_QUOTA 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_PNP 8679A450 Device \Driver\nvatabus \Device\NvAta0 IRP_MJ_PNP_POWER 8679A450 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSEIRP_MJ_READ 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP_POWER 862BBCA0 Device \Driver\nvatabus \Device\0000006e IRP_MJ_CREATE 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_CREATE_NAMED_PIPE 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_CLOSEIRP_MJ_READ 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_WRITE 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_QUERY_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_SET_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_QUERY_EA 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_SET_EA 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_FLUSH_BUFFERS 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_QUERY_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_SET_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_DIRECTORY_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_FILE_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_INTERNAL_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\nvatabus \Device\0000006e IRP_MJ_LOCK_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_CLEANUP 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_CREATE_MAILSLOT 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_QUERY_SECURITY 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_SET_SECURITY 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_POWER 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_DEVICE_CHANGE 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_QUERY_QUOTA 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_SET_QUOTA 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_PNP 8679A450 Device \Driver\nvatabus \Device\0000006e IRP_MJ_PNP_POWER 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_CREATE 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_CREATE_NAMED_PIPE 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_CLOSEIRP_MJ_READ 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_WRITE 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_QUERY_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_SET_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_QUERY_EA 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_SET_EA 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_FLUSH_BUFFERS 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_QUERY_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_SET_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_DIRECTORY_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_FILE_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_LOCK_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_CLEANUP 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_CREATE_MAILSLOT 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_QUERY_SECURITY 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_SET_SECURITY 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_POWER 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_DEVICE_CHANGE 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_QUERY_QUOTA 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_SET_QUOTA 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_PNP 8679A450 Device \Driver\nvatabus \Device\NvAta1 IRP_MJ_PNP_POWER 8679A450 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSEIRP_MJ_READ 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 862BBCA0 Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP_POWER 862BBCA0 Device \Driver\nvatabus \Device\0000006f IRP_MJ_CREATE 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_CREATE_NAMED_PIPE 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_CLOSEIRP_MJ_READ 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_WRITE 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_QUERY_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_SET_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_QUERY_EA 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_SET_EA 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_FLUSH_BUFFERS 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_QUERY_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_SET_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_DIRECTORY_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_FILE_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_INTERNAL_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\nvatabus \Device\0000006f IRP_MJ_LOCK_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_CLEANUP 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_CREATE_MAILSLOT 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_QUERY_SECURITY 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_SET_SECURITY 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_POWER 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_DEVICE_CHANGE 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_QUERY_QUOTA 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_SET_QUOTA 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_PNP 8679A450 Device \Driver\nvatabus \Device\0000006f IRP_MJ_PNP_POWER 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_CREATE 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_CREATE_NAMED_PIPE 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_CLOSEIRP_MJ_READ 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_WRITE 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_QUERY_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_SET_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_QUERY_EA 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_SET_EA 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_FLUSH_BUFFERS 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_QUERY_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_SET_VOLUME_INFORMATION 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_DIRECTORY_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_FILE_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_LOCK_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_CLEANUP 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_CREATE_MAILSLOT 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_QUERY_SECURITY 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_SET_SECURITY 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_POWER 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_SYSTEM_CONTROL 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_DEVICE_CHANGE 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_QUERY_QUOTA 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_SET_QUOTA 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_PNP 8679A450 Device \Driver\nvatabus \Device\NvAta2 IRP_MJ_PNP_POWER 8679A450 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 861DD0E8 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 861DD0E8 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSEIRP_MJ_READ 861DD0E8 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 861DD0E8 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 861DD0E8 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 861DD0E8 Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_EA 861DD0E8 Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 8679AC78 Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 8648EEB0 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target1Lun0 IRP_MJ_CREATE 862ED0E8 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target1Lun0 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target3Lun0 IRP_MJ_CREATE 862ED0E8 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target3Lun0 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE 862ED0E8 Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target2Lun0 IRP_MJ_CREATE 862ED0E8 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target2Lun0 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_CREATE 862ED0E8 Device \Driver\dtscsi \Device\Scsi\dtscsi1Port3Path0Target0Lun0 IRP_MJ_SHUTDOWN [F786CD60] sfsync02.sys Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 861FE0E8 Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 863BC0E8 ---- Files - GMER 1.0.10 ---- File C:\System Volume Information\MountPointManagerRemoteDatabase File C:\System Volume Information\tracking.log File C:\System Volume Information\_restore{7E204FD8-AEB7-472B-A4A5-189A6B69A536} File F:\System Volume Information\MountPointManagerRemoteDatabase File F:\System Volume Information\tracking.log File F:\System Volume Information\_restore{7E204FD8-AEB7-472B-A4A5-189A6B69A536} File G:\System Volume Information\MountPointManagerRemoteDatabase File G:\System Volume Information\tracking.log File G:\System Volume Information\_restore{7E204FD8-AEB7-472B-A4A5-189A6B69A536} ---- EOF - GMER 1.0.10 ---- danke vielmals |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
fuer dich geht es hier weiter
http://board.protecus.de/t24794-1.htm#236330
setze unten ein Haekchen, dass du bei Antwort per Mail benachrichtigt wirst
__________
MfG Sabina
rund um die PC-Sicherheit