
Log analysis and evaluation: New warning (gkmixern.sys)

19.01.2007, 19:17   #1
Toady
 



Good evening,
I have the following to report:

During today's scan, my AntiVir raised a warning for the file gkmixern.sys because it could not open it. That in itself would not be the problem, but I already ran a scan at noon today, and that file was not mentioned in the report. So I conclude that the file found its way onto my computer sometime between the previous scan and the latest one. I also had the file checked with an online scanner (Kaspersky), which said it was OK... but if you google it, you find reports saying it is a backdoor trojan. Well, I hope you can help me; here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 19:03:26, on 19.01.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programme\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\V0230Mon.exe
C:\Programme\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\***\Desktop\Secure\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
O4 - HKLM\..\Run: [AVFX Engine] C:\Programme\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Programme\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe

I can also send the AntiVir log if needed.
Thanks in advance, Tobi
__________________
V iruses
I nfections
S pyware
T rojans
A dware

19.01.2007, 22:44   #2
raman
 



On suspicion, run a rootkit scan with gmer:
http://www.majorgeeks.com/GMER_d5198.html

Just unpack it, start it, press Scan, then copy the generated report (if there is one) with Copy and paste it here.

19.01.2007, 23:12   #3
Toady
 



GMER 1.0.12.12011 - GMER
Rootkit scan 2007-01-19 23:09:44
Windows 5.1.2600 Service Pack 2


---- Files - GMER 1.0.12 ----

ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\Bibelsprüche.url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\Germanwings.url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\Hauptseite - Wikipedia.url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\HijackThis Logfileauswertung.url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\HiQ Computer Onlineshop - Hardware, Software und Beratung.url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\Knuddels.url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\Rechnung Online - T-Com.url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\Trojaner-Board .url:favicon
ADS C:\Dokumente und Einstellungen\Tobias\Favoriten\YouTube - Broadcast Yourself..url:favicon
ADS C:\Programme\ATI Technologies\ATI.ACE\skins\CATALYST_Quicksilver\CATALYST_Quicksilver.uis_Scrollbar:Smaller.WB4
ADS C:\System Volume Information\_restore{215ACFE1-F8F4-464B-BFF4-809B5EF3FD96}\RP16\A0004702.com:SummaryInformation
ADS ...

---- EOF - GMER 1.0.12 ----


Well, not exactly helpful... But I think the problem has resolved itself anyway, since I was able to delete the file mentioned above after restarting the PC. Thanks again, raman.

21.02.2007, 11:51   #4
Elkowski
 



GMER 1.0.12.12027 - http://www.gmer.net
Rootkit scan 2007-02-21 11:43:35
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

---- Kernel code sections - GMER 1.0.12 ----

.text USBPORT.SYS!DllUnload F729E7AE 5 Bytes JMP 866201C8
.text ntdll.dll!NtClose 7C91D586 5 Bytes JMP 7203407A
.text ntdll.dll!NtCreateProcess 7C91D754 5 Bytes JMP 72034205
.text ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes JMP 720340E9
.text ntdll.dll!NtCreateSection 7C91D793 5 Bytes JMP 72034098

---- User code sections - GMER 1.0.12 ----

.text C:\WINDOWS\system32\ctfmon.exe[232] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\Programme\Creative\MediaSource\RemoteControl\RcMan.exe[256] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\Programme\Creative\MediaSource\Detector\CTDetect.exe[284] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00843140
.text C:\Programme\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe[312] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe[392] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!sendto 71A12C69 5 Bytes JMP 10002D70 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!recvfrom 71A12D0F 5 Bytes JMP 10002D00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!bind 71A13E00 5 Bytes JMP 100030D0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!connect 71A1406A 5 Bytes JMP 10002E00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!send 71A1428A 5 Bytes JMP 10002B00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!gethostbyname 71A14FD4 5 Bytes JMP 10002DD0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!listen 71A188D3 5 Bytes JMP 10002AC0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 10003110 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\winlogon.exe[528] WS2_32.dll!accept 71A21028 5 Bytes JMP 10002FE0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\services.exe[572] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!sendto 71A12C69 5 Bytes JMP 10002D70 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!recvfrom 71A12D0F 5 Bytes JMP 10002D00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!bind 71A13E00 5 Bytes JMP 100030D0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!connect 71A1406A 5 Bytes JMP 10002E00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!send 71A1428A 5 Bytes JMP 10002B00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!gethostbyname 71A14FD4 5 Bytes JMP 10002DD0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!listen 71A188D3 5 Bytes JMP 10002AC0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 10003110 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\lsass.exe[584] WS2_32.dll!accept 71A21028 5 Bytes JMP 10002FE0 C:\WINDOWS\system32\sockspy.dll
.text C:\Programme\Creative\MediaSource\RemoteControl\OSDMenu.exe[736] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!sendto 71A12C69 5 Bytes JMP 10002D70 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!recvfrom 71A12D0F 5 Bytes JMP 10002D00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!bind 71A13E00 5 Bytes JMP 100030D0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!connect 71A1406A 5 Bytes JMP 10002E00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!send 71A1428A 5 Bytes JMP 10002B00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!gethostbyname 71A14FD4 5 Bytes JMP 10002DD0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!listen 71A188D3 5 Bytes JMP 10002AC0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 10003110 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\explorer.exe[1264] WS2_32.dll!accept 71A21028 5 Bytes JMP 10002FE0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\CTSVCCDA.EXE[1336] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\nvsvc32.exe[1432] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wdfmgr.exe[1536] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\MsPMSPSv.exe[1588] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!sendto 71A12C69 5 Bytes JMP 10002D70 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!recvfrom 71A12D0F 5 Bytes JMP 10002D00 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!bind 71A13E00 5 Bytes JMP 100030D0 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!connect 71A1406A 5 Bytes JMP 10002E00 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!send 71A1428A 5 Bytes JMP 10002B00 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!gethostbyname 71A14FD4 5 Bytes JMP 10002DD0 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!listen 71A188D3 5 Bytes JMP 10002AC0 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 10003110 C:\WINDOWS\System32\sockspy.dll
.text C:\WINDOWS\system32\alg.exe[1744] WS2_32.dll!accept 71A21028 5 Bytes JMP 10002FE0 C:\WINDOWS\System32\sockspy.dll
.text C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe[1768] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 00603140 C:\WINDOWS\system32\sockspy.dll
.text C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe[1868] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\CTHELPER.EXE[1916] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe[1976] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\Programme\Java\jre1.5.0_10\bin\jusched.exe[1984] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text ...
.text C:\Dokumente und Einstellungen\Elkowski\Desktop\temp\gmer.exe[2152] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] kernel32.dll!LoadLibraryA 7C801D77 5 Bytes JMP 10003140 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!sendto 71A12C69 5 Bytes JMP 10002D70 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!recvfrom 71A12D0F 5 Bytes JMP 10002D00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!bind 71A13E00 5 Bytes JMP 100030D0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!connect 71A1406A 5 Bytes JMP 10002E00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!send 71A1428A 5 Bytes JMP 10002B00 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!gethostbyname 71A14FD4 5 Bytes JMP 10002DD0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!listen 71A188D3 5 Bytes JMP 10002AC0 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 10003110 C:\WINDOWS\system32\sockspy.dll
.text C:\WINDOWS\system32\wuauclt.exe[2184] WS2_32.dll!accept 71A21028 5 Bytes JMP 10002FE0 C:\WINDOWS\system32\sockspy.dll

21.02.2007, 11:53   #5
Elkowski
 



---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 867631E8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 867631E8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CREATE 865A71E8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_CLOSE 865A71E8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_POWER 865A71E8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBPDO-0 IRP_MJ_PNP 865A71E8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CREATE 865A71E8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_CLOSE 865A71E8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_POWER 865A71E8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBPDO-1 IRP_MJ_PNP 865A71E8

Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CREATE 866141E8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_CLOSE 866141E8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 866141E8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 866141E8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_POWER 866141E8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 866141E8
Device \Driver\usbehci \Device\USBPDO-2 IRP_MJ_PNP 866141E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 867651E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 866361E8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 866361E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 867651E8
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 867651E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 867641E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 867641E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 867641E8


21.02.2007, 11:55   #6
Elkowski
 



Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 867641E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CLOSE 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_POWER 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SYSTEM_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_PNP 867641E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 867641E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 867641E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 867641E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CREATE 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CLOSE 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_INTERNAL_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_POWER 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SYSTEM_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_PNP 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 IRP_MJ_CREATE 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 IRP_MJ_CLOSE 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 IRP_MJ_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 IRP_MJ_INTERNAL_DEVICE_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 IRP_MJ_POWER 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 IRP_MJ_SYSTEM_CONTROL 867641E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 IRP_MJ_PNP 867641E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 852C1980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 852C1980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 852C1980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 852C1980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 852C1980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 852C1980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 852C1980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 852C1980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 852C1980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 852C1980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 852C1980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 852C1980
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CREATE 865A71E8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_CLOSE 865A71E8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_POWER 865A71E8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBFDO-0 IRP_MJ_PNP 865A71E8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CREATE 865A71E8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_CLOSE 865A71E8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_POWER 865A71E8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 865A71E8
Device \Driver\usbohci \Device\USBFDO-1 IRP_MJ_PNP 865A71E8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CREATE 866141E8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_CLOSE 866141E8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 866141E8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 866141E8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_POWER 866141E8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 866141E8
Device \Driver\usbehci \Device\USBFDO-2 IRP_MJ_PNP 866141E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 852BC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 852BC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 852BC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 852BC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 852BC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 852BC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 852BC1E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 852BC1E8

---- EOF - GMER 1.0.12 ----

I have the same problem...
Can anyone make sense of this and help me??
The text below it belongs to it as well

21.02.2007, 12:46   #7
undoreal
/// AVZ-Toolkit Guru
 

Did I miss something here, or is Elkowski imagining things?

PS: Please open a new thread and post a somewhat more readable log file. If you want to get started on that at all...

Regards

Undoreal
__________________
- All help given in the forum is provided without warranty or liability -

02.03.2007, 11:53   #8
Elkowski
 

Sorry for the utter mess.
I did a fresh installation and now my problem is solved

02.03.2007, 17:44   #9
undoreal
/// AVZ-Toolkit Guru
 

Thanks

I would have done the same..

Regards

Undoreal