Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme
ports 135 und 445: listening

ports 135 und 445: listening


Antiviren-, Firewall- und andere Schutzprogramme: ports 135 und 445: listening

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 08.09.2005, 20:14   #1
eva
 
ports 135 und 445: listening - Standard

ports 135 und 445: listening


ich hab mit uptimer 4 gerade festgestellt, dass einige ports connections offen haben oder lauschen, u.a 135 und 445 (listening), die mir als krtitisch bekannt und daher ungeheuer sind.
hier läuft xpsp2 mit einer streng eingestellten sw-firewall (ausnahmeslos jede anwendung muss fragen), der rechner ist sauber.
was kann/soll ich hier trotzdem verbessern?
eva
Miniaturansicht angehängter Grafiken
ports 135 und 445: listening-netstat.jpg  

Alt 08.09.2005, 20:18   #2
Chris14
 
ports 135 und 445: listening - Standard

ports 135 und 445: listening


Port 135 listening? ich glaube das wird doch durch die SW geblockt. trotzdem; dein system sicher konfigurieren mit tools wie www.dingens.org oder www.ntsvcfg.de oder durch sicheres manuelles konfigurieren mit anleitungen wie www.ports-schliessen.de.vu oder http://www.ntsvcfg.de/kss_xp/kss_xp.html
Trotzalledem könnte hier ein trojaner oder backdoor sein unwesen treiben oder gar eine abart von diesen beiden gerade die firewall kompromittieren.
poste deswegen doch gleich mal ein HijackThis Logfile.
__________________
Alt 08.09.2005, 20:23   #3
eva
 
ports 135 und 445: listening - Standard

ports 135 und 445: listening


hab ich mir schon angeschaut, sieht meiner meinung nach ok aus:
Logfile of HijackThis v1.99.1
Scan saved at 21:21:44, on 08.09.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\AVPersonal\AVSched32.EXE
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Ulead Systems\Ulead PhotoImpact 5\ABMTSR.EXE
C:\Programme\Caere\OmniPagePro90\EREG\REMIND32.EXE
C:\Programme\OpenOffice.org1.1.3\program\soffice.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\Windows Media Player\wmplayer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\k***\Desktop\Nicht verwendete Desktopverknüpfungen\uptimer4\Uptimer4.exe
C:\DOKUME~1\k***\LOKALE~1\Temp\Temporäres Verzeichnis 6 für hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.chello.at/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 1.1.3.lnk = C:\Programme\OpenOffice.org1.1.3\program\quickstart.exe
O4 - Startup: reminder-ScanSoft Produkt Registrierung.lnk = C:\Programme\Caere\OmniPagePro90\EREG\REMIND32.EXE
O4 - Global Startup: Album Fast Start.lnk = C:\Programme\Ulead Systems\Ulead PhotoImpact 5\ABMTSR.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{B25D8C8F-98C9-4F18-957E-7BC8BF8B50BB}: NameServer = 195.34.133.10,195.34.133.11
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
__________________
Alt 08.09.2005, 20:25   #4
Chris14
 
ports 135 und 445: listening - Standard

ports 135 und 445: listening


hmmm..
dann führe mal escan gemäß der anleitung aus.
wenn der wirklich n gegenüber hat mit dem der kommuniziert obwohl die firewall läuft stimmt hier was nicht!

Alt 08.09.2005, 20:54   #5
eva
 
ports 135 und 445: listening - Standard

ports 135 und 445: listening


Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mybar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "mybar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "MyWay Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Cydoor Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "my way speedbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "perfectnav Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "TopSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "altnet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "altnetbde Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "altnetbde Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "EasySearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\System32\cmmgr32.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\gimp-2.0.exe" refers to invalid object "C:\Programme\GIMP-2.0\bin\gimp-2.0.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ORUN32.EXE" refers to invalid object "C:\WINDOWS\ORUN32.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\PhotoStitch.Exe" refers to invalid object "C:\Programme\Canon\PhotoStitch\PhotoStitch.Exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\yourapp.Exe" refers to invalid object "C:\Programme\Canon\PowerShot A200 WIA\yourapp.Exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Gemeinsame Dateien\Symantec Shared\Script Blocking\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Norton Internet Security\". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".-Fleischmarkt". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".Aphrodite". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".BUP". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cdl". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cr2". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".crw". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ctg". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".idx". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".IFO". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".INSfingerweg". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".INS_fingerweg". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lck". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".lng". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".org/debian-cd/". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".org/pub/". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".part". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".raw". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".sav". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".scm". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".tmp". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".VDF". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object "OpenWithList". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "ieupdate". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB810217". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB821557". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB823182". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB823559". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB823980". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB824105". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB824141". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB824146". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB825119". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB826939". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB828028". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB828035". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB828741". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB835732". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB837001". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB839643". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB839645". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB840315". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB840374". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB841873". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB842773". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (1.0)". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (1.0.1)". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (1.0.2)". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (1.0PR)". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "oeupdate". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "P2P Networking". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q307274". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q308387". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q308402". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q308677". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q308678". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q309521". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q311889". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q311967". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q313450". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q314862". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q315000". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q315403". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q316134". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q317277". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q318138". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q319580". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q323172". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q324096". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q324380". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q326830". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q328310". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q328940". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329048". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329115". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329170". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329390". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329441". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329834". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q331953". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q810577". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q811493". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q815021". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q817606". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q819696". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q828026". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{130AD1E2-9BDE-4862-AB8B-4B03C21A02C3}". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{014DA6CD-189F-421a-88CD-07CFE51CFF10}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0494D0D2-F8E0-41ad-92A3-14154ECE70AC}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0494D0D5-F8E0-41ad-92A3-14154ECE70AC}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0494D0DB-F8E0-41ad-92A3-14154ECE70AC}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{05075450-8A7A-40EC-8D30-7839F47796DA}" refers to invalid object "C:\Cabs\living.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{83D4679F-B6D7-11D2-BF36-00C04FB90A03}" refers to invalid object "C:\Programme\Messenger\rtcimsp.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B8A23E08-0B26-4348-AA96-33395A51DDD9}" refers to invalid object "C:\Cabs\living.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D60F93E6-8A7B-11D0-8B13-008048808AB0}" refers to invalid object "C:\Programme\MouseWare\System\lffmouse.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}" refers to invalid object "C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{47F59201-8783-11D2-8343-00A0C945A819}" refers to invalid object "C:\Programme\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{4E5A5CBD-2CE8-4085-B515-A20137D70D3D}" refers to invalid object "C:\Programme\Norton Internet Security\ACDisp.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{EB62A634-348A-47DF-A87D-8AD98969E1C9}" refers to invalid object "C:\Cabs\living.exe". Action Taken: No Action Taken.
Entry "HKCR\.acl" refers to invalid object "ACLFile". Action Taken: No Action Taken.
Entry "HKCR\.aw" refers to invalid object "AWFile". Action Taken: No Action Taken.
Entry "HKCR\.col" refers to invalid object "COLFile". Action Taken: No Action Taken.
Entry "HKCR\.det" refers to invalid object "DETFile". Action Taken: No Action Taken.
Entry "HKCR\.elm" refers to invalid object "ELMFile". Action Taken: No Action Taken.
Entry "HKCR\.ffa" refers to invalid object "FFAFile". Action Taken: No Action Taken.
Entry "HKCR\.ffl" refers to invalid object "FFLFile". Action Taken: No Action Taken.
Entry "HKCR\.fft" refers to invalid object "FFTFile". Action Taken: No Action Taken.
Entry "HKCR\.ffx" refers to invalid object "FFXFile". Action Taken: No Action Taken.
Entry "HKCR\.frg" refers to invalid object "Access.Fragment". Action Taken: No Action Taken.
Entry "HKCR\.gst" refers to invalid object "MSMap.Datainst.8". Action Taken: No Action Taken.
Entry "HKCR\.idc" refers to invalid object "idcfile". Action Taken: No Action Taken.
Entry "HKCR\.ldb" refers to invalid object "Access.LockFile.9". Action Taken: No Action Taken.
Entry "HKCR\.lex" refers to invalid object "LEXFile". Action Taken: No Action Taken.
Entry "HKCR\.opc" refers to invalid object "OPCFile". Action Taken: No Action Taken.
Entry "HKCR\.pcb" refers to invalid object "PCBFile". Action Taken: No Action Taken.
Entry "HKCR\.pip" refers to invalid object "PIPFile". Action Taken: No Action Taken.
Entry "HKCR\.sll" refers to invalid object "SSLFile". Action Taken: No Action Taken.
Entry "HKCR\.stf" refers to invalid object "STFFile". Action Taken: No Action Taken.
Entry "HKCR\.tuw" refers to invalid object "TUWFile". Action Taken: No Action Taken.
Entry "HKCR\.wll" refers to invalid object "Word.Addin.8". Action Taken: No Action Taken.
Entry "HKCR\ActMsg.Session" refers to invalid object "{3FA7DEB3-6438-101B-ACC1-00AA00423326}". Action Taken: No Action Taken.
Entry "HKCR\ADM25.ADM25.1" refers to invalid object "{1D3BCE37-7834-4579-8169-E67681420A98}". Action Taken: No Action Taken.
Entry "HKCR\ADM4.ADM4.1" refers to invalid object "{DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2}". Action Taken: No Action Taken.
Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken.
Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken.
Entry "HKCR\CDDBControlApple.CddbFullName.1" refers to invalid object "{63338267-37c4-44cf-8e46-756fbe9c8fdc}". Action Taken: No Action Taken.
Entry "HKCR\CDDBControlApple.FullName" refers to invalid object "{63338267-37c4-44cf-8e46-756fbe9c8fdc}". Action Taken: No Action Taken.
Entry "HKCR\Connection Manager Profile\shell\open\command" refers to invalid object "C:\WINDOWS\System32\CMMGR32.EXE "%1"". Action Taken: No Action Taken.
Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\msbackupfile\shell\open\command" refers to invalid object "%SystemRoot%\system32\ntbackup.exe". Action Taken: No Action Taken.
Entry "HKCR\PhotoBase.Document" refers to invalid object "{F90E7260-9545-11D0-87A0-444553540000}". Action Taken: No Action Taken.
Entry "HKCR\PhotoBase.Document\shell\open\command" refers to invalid object "C:\Programme\ArcSoft\PhotoBase\PhotoBase\PHBASE.EXE "%1"". Action Taken: No Action Taken.
Entry "HKCR\PhotoRecord.Album" refers to invalid object "{FEDCFFC1-BEC4-11D1-93B9-0060979C8AB8}". Action Taken: No Action Taken.
Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.
Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.
Entry "HKCR\ppifile\shell\open\command" refers to invalid object "%SystemRoot%\System32\msppcnfg.exe /Config %1". Action Taken: No Action Taken.
Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken.
Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken.
Entry "HKCR\sig2dat\shell\open\command" refers to invalid object ""C:\Programme\Kazaa Lite K++\ksig.exe" "%1"". Action Taken: No Action Taken.
Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.
Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.
Entry "HKCR\WMPShell.HWEventHandler" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken.
Entry "HKCR\WMPShell.HWEventHandler.1" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken.
Entry "HKCR\ZoomBrowserEX.Document" refers to invalid object "{476A6961-6FF1-11D0-9742-00A0246B6561}". Action Taken: No Action Taken.
File C:\WINDOWS\RESTORE.INS tagged as not-a-virus:NetTool.Win32.PsKill. No Action Taken.



?????????????????????


Alt 08.09.2005, 21:01   #6
Haui45
 
ports 135 und 445: listening - Standard

ports 135 und 445: listening


Poste bitte die Statistiken, oder verwende am besten gleich die Find.bat

Antwort

Themen zu ports 135 und 445: listening
anwendung, connections, festgestellt, frage, fragen, gestellt, liste, offen, ports, rechner, verbessern


« windows xp firewall | WIN XP Firewall schaltet sich aus beim Start. »


Ähnliche Themen: ports 135 und 445: listening


  1. Windows 7 x86 / 32-Bit Offene Ports es werden keine Dienste zu den Ports angezeigt! Trojaner?
    Alles rund um Windows - 31.12.2012 (11)
  2. Ports
    Alles rund um Windows - 23.02.2009 (1)
  3. Frage zu den Ports
    Netzwerk und Hardware - 17.01.2009 (7)
  4. Ports gesperrt?
    Plagegeister aller Art und deren Bekämpfung - 16.12.2008 (8)
  5. ports freigeben
    Netzwerk und Hardware - 03.09.2007 (7)
  6. Ports schließen.
    Antiviren-, Firewall- und andere Schutzprogramme - 15.08.2006 (6)
  7. Ports
    Antiviren-, Firewall- und andere Schutzprogramme - 19.06.2006 (34)
  8. ports schliessen
    Alles rund um Windows - 07.10.2005 (1)
  9. IPtables - sensible Ports...
    Alles rund um Mac OSX & Linux - 06.07.2005 (1)
  10. ports 139 & 445
    Antiviren-, Firewall- und andere Schutzprogramme - 05.07.2005 (3)
  11. UDP komisch Ports (Help)
    Plagegeister aller Art und deren Bekämpfung - 30.06.2005 (7)
  12. Netstat - listening - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 30.05.2005 (2)
  13. Ports
    Plagegeister aller Art und deren Bekämpfung - 19.05.2005 (4)
  14. Offene Ports
    Alles rund um Windows - 19.12.2004 (2)
  15. Offene Ports
    Netzwerk und Hardware - 02.04.2003 (7)
  16. TCP 1025 listening
    Alles rund um Windows - 10.02.2003 (11)
  17. Ports schließen?
    Alles rund um Windows - 08.02.2003 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema ports 135 und 445: listening - ich hab mit uptimer 4 gerade festgestellt, dass einige ports connections offen haben oder lauschen, u.a 135 und 445 (listening), die mir als krtitisch bekannt und daher ungeheuer sind. hier - ports 135 und 445: listening...
Archiv
Du betrachtest: ports 135 und 445: listening auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19