| Log analysis and evaluation: Probably a virus that blocks the PC; pictures, programs etc. flicker ..... |
21.12.2007, 21:42 | #1 |
| Probably a virus that blocks the PC; pictures, programs etc. flicker ..... Hello everyone, I probably have a virus on my computer. It shows itself in that all programs start to flicker, always starting with the router program. Occasionally the spook ends and I can carry on working, but it usually doesn't take long before it starts again. In a homepage program the PC reports "Eine benötigte Ressource ist nicht verfügbar"; with hijack.log it complains "Canvas does not allow drawing", etc. It is noticeable that Windows Explorer tends to get closed in the process. An online antivirus program found 3 files; I was able to remove 2, a third one was in win/system, unfortunately I no longer remember the exact file, sorry. Also a general question: is a firewall necessary or advisable even if I go online through a router? Here is my log, with a request for your advice and tips:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:33:45, on 21.12.2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
F:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\WINNT\system32\drivers\CDAC11BA.EXE
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\nvsvc32.exe
F:\Programme\R-Undelete20\rloginsrv.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
F:\Programme\HanseNet\HanseNet-Produkte\app\TangoService.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\WINNT\system32\wfxsnt40.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\Brother\ControlCenter2\brctrcen.exe
C:\Programme\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe
F:\Programme\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINNT\system32\internat.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
F:\Programme\NETGEAR\WG111v2\WG111v2.exe
C:\WINNT\System32\SCardSvr.exe
C:\Programme\Java\jre1.5.0_08\bin\jucheck.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
F:\Programme\Mozilla1.7.2\mozilla.exe
C:\WINNT\system32\drwtsn32.exe
F:\Programme\NetObjects\NetObjects Fusion 8\Fusion.exe
F:\Programme\thunderbirdneu\thunderbird.exe
C:\WINNT\explorer.exe
F:\Programme\eMule\Incoming\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.xxx.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 148.xxx.236:3128
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\tbu3\toolbaru.dll
R3 - URLSearchHook: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo0.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-DC8493744B1D} - C:\Programme\ICQToolbar\tbu3\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VIPTToolbarManager Class - {1A2641AE-2C42-4C51-A5F-EC3FDC94D} - F:\Programme\Visual IP Trace\VisualIPTraceIE.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - f:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-11D3-87D8-0050DA59922B} - E:\Programme\WS_FTP Pro\wsbho2K0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {7EA6FFFE-B3A3-42A0-98F2-F13331133D62} - C:\WINNT\system32\fde32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69D-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo0.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: @msdxmLC.dll,-1@1031,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Visual IP Trace - {E70C26AE-DFF1-40A8-8D37-19180F56F0AA} - F:\Programme\Visual IP Trace\VisualIPTraceIE.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\tbu3\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar4.dll
O3 - Toolbar: Coolstreaming Tool-Bar v1.0 Toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] F:\Programme\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programme\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AAWTray] F:\Programme\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent] "F:\Programme\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Vidalia] "F:\Programme\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Inters Configuration Loader] RCL0ADERS.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Programme\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Lexware Info Service.lnk = C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = F:\Programme\NETGEAR\WG111v2\WG111v2.exe
O4 - Global Startup: PalStart.lnk = C:\Programme\Paltalk Messenger\palstart.exe
O4 - Global Startup: Privoxy.lnk = F:\Programme\Vidalia Bundle\Privoxy\privoxy.exe
O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &NeoTrace It! - F:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://F:\PROGRA~1\Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Programme\Gemeinsame Dateien\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programme\Paltalk Messenger\Paltalk.exe
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - F:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - F:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programme\Gemeinsame Dateien\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Programme\Gemeinsame Dateien\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - F:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {00B71CFB-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2BC66F54-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,81/mcinsctl.cab
O16 - DPF: {4F1E5B1A-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {56336BCB-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/0264c81d7166d1dadf05/netzip/RdxIE601_de.cab
O16 - DPF: {6414512B-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1173804631718
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.de/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {79E0C1C0-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/selftest/de/Prg/ESTPTest.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,19/mcgdmgr.cab
O16 - DPF: {E36C5562-4220-BCB2-1C671E3A5916} - http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {EF791A6B-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4358/mcfscan.cab
O16 - DPF: {F49DA492-463F-B389-CA9A02F6DA76} - http://www.seagate.com/support/disc/asp/tools/de/bin/npseatools.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{78D7E635-36A9-4488-8C1D-12A4C4384DE2}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{78D7E635-36A9-4488-8C1D-12A4C4384DE2}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{78D7E635-36A9-4488-8C1D-12A4C4384DE2}: NameServer = 192.168.1.1
O20 - Winlogon Notify: wineak32 - wineak32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: MSSvc asnetclient (asnetclient) - Unknown owner - C:\winnt\system32\dllcache\MSSvc.EXE (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - Service: DirectUpdate engine (DirectUpdate) - http://www.directupdate.net/ - F:\PROGRA~1\DIRECT~1\DUService.exe
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINNT\system32\drivers\KodakCCS.exe
O23 - Service: MSSvc ntsysvers (ntsysvers) - Unknown owner - C:\winnt\system32\dllcache\MSSvc.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: R-Studio Login Server - Unknown owner - F:\Programme\R-Undelete20\rloginsrv.exe
O23 - Service: MSSvc runbatch (runbatch) - Unknown owner - C:\winnt\system32\dllcache\MSSvc.EXE (file missing)
O23 - Service: MSSvc stopradmin2 (stopradmin2) - Unknown owner - C:\winnt\system32\dllcache\MSSvc.EXE (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Tango Service (TangoService) - Unknown owner - F:\Programme\HanseNet\HanseNet-Produkte\app\TangoService.exe
O23 - Service: WebTrends Alerting and Monitoring for Analysis Series 7.0 (WTAMSVC_Analysis Series 7.0) - Unknown owner - F:\Programme\WebTrends Analysis Series\wtam_service.exe

Many thanks in advance. Chantal |
21.12.2007, 21:46 | #2 | |
Administrator > Competence Manager | Probably a virus that blocks the PC; pictures, programs etc. flicker ..... First of all we need more information about your system; to that end, work through the following instructions:

Have files checked online:
* Go to the VirusTotal site, click the "Browse" button and look for the following file/files: (have the hidden files shown as well!) Quote:
* Afterwards post the result of the analysis; copy everything and paste it into a post. (Important: also copy the size information and the HASH!)

Run a RootkitRevealer scan
* Download kasserver.com and unpack the archive into a folder of its own, e.g. C:\programme\rootkitrevealer.
* Start RootkitRevealer.exe in that folder. Close all other programs.
* Start by clicking "Scan".
* When the scan is finished, save the log file with File -> Save.

Run a Gmer scan
* Download GMER from this page and unpack it onto your desktop.
* Start gmer.exe and go to the Rootkit tab. All other programs should be closed.
* Make sure that everything from "System" to "ADS" is ticked in the bar on the right (Important: "Show all" must not be ticked) and start the scan with "Scan". Do nothing on the computer while the scan is running.
* When the scan is finished, click "Copy" to copy the log to the clipboard. "Ok" closes GMER.
* Paste the log from the clipboard into your reply here.

MWAV (eScan) - Free Antivirus
- Read the following instructions carefully and work through them -> eScan instructions. Important: afterwards post the result with the help of the 'find.bat'. (Right-click the 'find.bat' LINK, then "Save Target As" -> Desktop)
__________________ |
22.12.2007, 17:15 | #3 |
| Probably a virus that blocks the PC; pictures, programs etc. flicker .....

fde32.dll

| Antivirus | Version | Last update | Result |
|---|---|---|---|
| AhnLab-V3 | 2007.12.22.10 | 2007.12.21 | - |
| AntiVir | 7.6.0.46 | 2007.12.22 | ADSPY/Bho.aa.1 |
| Authentium | 4.93.8 | 2007.12.22 | W32/Downloader.MNI |
| Avast | 4.7.1098.0 | 2007.12.21 | Win32:Trojano-3384 |
| AVG | 7.5.0.503 | 2007.12.21 | Collected.11.AD |
| BitDefender | 7.2 | 2007.12.22 | Trojan.BHO.WebPrefix.A |
| CAT-QuickHeal | 9.00 | 2007.12.22 | - |
| ClamAV | 0.91.2 | 2007.12.22 | AdWare.BHO-2 |
| DrWeb | 4.44.0.09170 | 2007.12.22 | Adware.Bho |
| eSafe | 7.0.15.0 | 2007.12.20 | - |
| eTrust-Vet | 31.3.5395 | 2007.12.21 | - |
| Ewido | 4.0 | 2007.12.22 | Trojan.BHO.b |
| FileAdvisor | 1 | 2007.12.22 | - |
| Fortinet | 3.14.0.0 | 2007.12.22 | Adware/KeenValue |
| F-Prot | 4.4.2.54 | 2007.12.21 | W32/Downloader.MNI |
| F-Secure | 6.70.13030.0 | 2007.12.21 | - |
| Ikarus | T3.1.1.15 | 2007.12.22 | AdWare.Win32.BHO.aa |
| Kaspersky | 7.0.0.125 | 2007.12.22 | not-a-virus:AdWare.Win32.BHO.aa |
| McAfee | 5191 | 2007.12.21 | potentially unwanted program Adware-KeenValue |
| Microsoft | 1.3109 | 2007.12.22 | BrowserModifier:Win32/KeenValuePerfectNav |
| NOD32v2 | 2742 | 2007.12.22 | a variant of Win32/Adware.BHO.AA |
| Norman | 5.80.02 | 2007.12.21 | W32/BHO.X |
| Panda | 9.0.0.4 | 2007.12.22 | Adware/KeenValue |
| Prevx1 | V2 | 2007.12.22 | - |
| Rising | 20.23.52.00 | 2007.12.22 | Trojan.DL.Agent.kpx |
| Sophos | 4.24.0 | 2007.12.22 | Mapkon |
| Sunbelt | 2.2.907.0 | 2007.12.21 | - |
| Symantec | 10 | 2007.12.22 | Adware.Webprefix |
| TheHacker | 6.2.9.167 | 2007.12.21 | Adware/BHO.aa |
| VBA32 | 3.12.2.5 | 2007.12.21 | suspected of Trojan-Downloader.Agent.47 |
| VirusBuster | 4.3.26:9 | 2007.12.21 | Adware.BHO.JT |
| Webwasher-Gateway | 6.6.2 | 2007.12.22 | Ad-Spyware.Bho.aa.1 |

Additional information
File size: 30202 bytes
MD5: e39f018fda7752d58242e894f4051da8
SHA1: 45f10e57aafc15c24d616321f1cbdd3fc61c4b47
PEiD: -

rloginsrv.exe

| Antivirus | Version | Last update | Result |
|---|---|---|---|
| AhnLab-V3 | 2007.12.22.10 | 2007.12.21 | - |
| AntiVir | 7.6.0.46 | 2007.12.22 | - |
| Authentium | 4.93.8 | 2007.12.22 | - |
| Avast | 4.7.1098.0 | 2007.12.21 | - |
| AVG | 7.5.0.503 | 2007.12.21 | - |
| BitDefender | 7.2 | 2007.12.22 | - |
| CAT-QuickHeal | 9.00 | 2007.12.22 | - |
| ClamAV | 0.91.2 | 2007.12.22 | - |
| DrWeb | 4.44.0.09170 | 2007.12.22 | - |
| eSafe | 7.0.15.0 | 2007.12.20 | - |
| eTrust-Vet | 31.3.5395 | 2007.12.21 | - |
| Ewido | 4.0 | 2007.12.22 | - |
| FileAdvisor | 1 | 2007.12.22 | - |
| Fortinet | 3.14.0.0 | 2007.12.22 | - |
| F-Prot | 4.4.2.54 | 2007.12.21 | - |
| F-Secure | 6.70.13030.0 | 2007.12.21 | - |
| Ikarus | T3.1.1.15 | 2007.12.22 | - |
| Kaspersky | 7.0.0.125 | 2007.12.22 | - |
| McAfee | 5191 | 2007.12.21 | - |
| Microsoft | 1.3109 | 2007.12.22 | - |
| NOD32v2 | 2742 | 2007.12.22 | - |
| Norman | 5.80.02 | 2007.12.21 | - |
| Panda | 9.0.0.4 | 2007.12.22 | - |
| Prevx1 | V2 | 2007.12.22 | - |
| Rising | 20.23.52.00 | 2007.12.22 | - |
| Sophos | 4.24.0 | 2007.12.22 | - |
| Sunbelt | 2.2.907.0 | 2007.12.21 | - |
| Symantec | 10 | 2007.12.22 | - |
| TheHacker | 6.2.9.167 | 2007.12.21 | - |
| VBA32 | 3.12.2.5 | 2007.12.21 | - |
| VirusBuster | 4.3.26:9 | 2007.12.21 | - |
| Webwasher-Gateway | 6.6.2 | 2007.12.22 | - |

Additional information
File size: 57344 bytes
MD5: d99aaed6512e7b69113754bd65fce56a
SHA1: 3dbbeb3c891027f22f457acc79f46922781f95db
PEiD: Armadillo v1.71

The rest follows shortly .... |
23.12.2007, 13:20 | #4 |
| gmer 1 GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-12-23 13:17:52 Windows 5.0.2195 Service Pack 4
Edited by Chantal (23.12.2007 at 13:55) |
23.12.2007, 13:57 | #5 |
| gmer 2 |
23.12.2007, 14:03 | #6 |
| gmer 3 |
23.12.2007, 14:04 | #7 |
| gmer 4 |
23.12.2007, 14:07 | #8 |
| gmer 5
Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SYSTEM_CONTROL 817B0B08 Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CHANGE |
23.12.2007, 14:09 | #9 |
| gmer 6 |
23.12.2007, 22:06 | #10 |
| Probably a virus, the PC freezes, images, programs etc. flicker ..... Finally, here is the eScan as well. Unfortunately, after a double-click, find.bat cannot create anything because of language problems. I had selected German, though. Should I post the contents of mwav.log instead? |
27.12.2007, 15:24 | #11 |
| Probably a virus, the PC freezes, images, programs etc. flicker ..... It would be nice if someone could take a look at this. Is any further data needed? |