Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   AntiVir meldet BOO/Sinowal.D - Fehlalarm? (https://www.trojaner-board.de/74016-antivir-meldet-boo-sinowal-d-fehlalarm.html)

Andrea85 11.06.2009 03:39
AntiVir meldet BOO/Sinowal.D - Fehlalarm?
 
Hallo allerseits,
AntiVir meldete dass diese Malware sich in 2 Bootsektoren befindet. Alternativ habe ich mal bitdefender installiert, welches nun nichts findet. Kann es sein, dass es sich hier um einen Fehlalarm handelt?

Mein gmer log sieht so aus ( für C:)

---- System - GMER 1.0.15 ----

SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenProcess [0x9E3CFC90]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenThread [0x9E3CFD7E]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateProcess [0x9E3CFBF4]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateThread [0x9E3CFEC4]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00882DFD
.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00882DBA
.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00882D7E
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!send 71A1428A 5 Bytes JMP 00882BEF
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00882CE1
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00882C27
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00882C5F
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00882D63
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 008B2DFD
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 008B2DBA
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 008B2D7E
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!send 71A1428A 5 Bytes JMP 008B2BEF
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 008B2CE1
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!recv 71A1615A 5 Bytes JMP 008B2C27
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 008B2C5F
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 008B2D63
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00CF2DFD
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00CF2DBA
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00CF2D7E
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!send 71A1428A 5 Bytes JMP 00CF2BEF
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00CF2CE1
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00CF2C27
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00CF2C5F
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00CF2D63
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 5CD12DFD
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 5CD12DBA
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 5CD12D7E
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!send 71A1428A 5 Bytes JMP 5CD12BEF
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 5CD12CE1
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!recv 71A1615A 5 Bytes JMP 5CD12C27
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 5CD12C5F
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 5CD12D63
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 018E2DFD
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 018E2DBA
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 018E2D7E
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!send 71A1428A 5 Bytes JMP 018E2BEF
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 018E2CE1
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!recv 71A1615A 5 Bytes JMP 018E2C27
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 018E2C5F
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 018E2D63
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 0F3B2DFD
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 0F3B2DBA
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 0F3B2D7E
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!send 71A1428A 5 Bytes JMP 0F3B2BEF
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 0F3B2CE1
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!recv 71A1615A 5 Bytes JMP 0F3B2C27
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 0F3B2C5F
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 0F3B2D63
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00972DFD
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00972DBA
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00972D7E
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!send 71A1428A 5 Bytes JMP 00972BEF
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00972CE1
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00972C27
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00972C5F
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00972D63
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00B92DFD
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00B92DBA
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00B92D7E
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!send 71A1428A 5 Bytes JMP 00B92BEF
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00B92CE1
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00B92C27
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00B92C5F
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00B92D63
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00802DFD
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00802DBA
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00802D7E
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!send 71A1428A 5 Bytes JMP 00802BEF
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00802CE1
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00802C27
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00802C5F
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00802D63
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 02FA2DFD
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 02FA2DBA
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 02FA2D7E
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!send 71A1428A 5 Bytes JMP 02FA2BEF
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 02FA2CE1
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!recv 71A1615A 5 Bytes JMP 02FA2C27
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 02FA2C5F
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 02FA2D63
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 01382DFD
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 01382DBA
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 01382D7E
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!send 71A1428A 5 Bytes JMP 01382BEF
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 01382CE1
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!recv 71A1615A 5 Bytes JMP 01382C27
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 01382C5F
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 01382D63
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ntdll.dll!RtlNumberOfSetBits + 4B 7C96E6BB 1 Byte [9B]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00B72DFD
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00B72DBA
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00B72D7E
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!send 71A1428A 5 Bytes JMP 00B72BEF
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00B72CE1
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00B72C27
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00B72C5F
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00B72D63

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D22F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D22CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D22D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D22CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003B2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003B2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

Andrea85 11.06.2009 03:40
2.Teil:
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003B2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003B2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01122F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01122CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01122D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01122CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00892F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00892CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00892D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00892CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [63602065] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AD2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AD2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AD2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AD2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A42F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A42CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A42D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A42CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DD2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DD2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DD2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DD2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009B2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009B2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009B2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009B2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F42F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F42CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F42D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F42CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B02F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B02CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B02D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B02CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

Andrea85 11.06.2009 03:41
3.Teil
---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

---- Threads - GMER 1.0.15 ----

Thread System [4:1200] 896462D0
Thread System [4:1204] 896329C6
Thread System [4:1208] 89664357
Thread System [4:1212] 89635941
Thread System [4:3392] 896462D0
Thread System [4:3396] 896329C6
Thread System [4:3400] 89664357
Thread System [4:3404] 89635941
Thread System [4:3260] 896462D0
Thread System [4:3096] 896329C6
Thread System [4:3252] 89664357
Thread System [4:3268] 89635941

---- Files - GMER 1.0.15 ----

File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Crash Reports\pending\f0562edc-b944-4243-84a4-6813ac1cc465.dmp 0 bytes
File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Crash Reports\pending\f0562edc-b944-4243-84a4-6813ac1cc465.extra 0 bytes
File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\8cg84vop.default\places.sqlite-journal 111320 bytes

---- EOF - GMER 1.0.15 ----



Das mbr.log sieht so aus:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK


Freue mich über Eure Hilfe!


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:21 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131