Trojaner-Board


Andrea85 11.06.2009 03:39

AntiVir reports BOO/Sinowal.D - false positive?
 
Hello everyone,
AntiVir reported that this malware is located in 2 boot sectors. As an alternative, I installed BitDefender, which now finds nothing. Could this be a false positive?

My GMER log looks like this (for C:):

---- System - GMER 1.0.15 ----

SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenProcess [0x9E3CFC90]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenThread [0x9E3CFD7E]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateProcess [0x9E3CFBF4]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateThread [0x9E3CFEC4]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00882DFD
.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00882DBA
.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00882D7E
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!send 71A1428A 5 Bytes JMP 00882BEF
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00882CE1
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00882C27
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00882C5F
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00882D63
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 008B2DFD
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 008B2DBA
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 008B2D7E
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!send 71A1428A 5 Bytes JMP 008B2BEF
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 008B2CE1
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!recv 71A1615A 5 Bytes JMP 008B2C27
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 008B2C5F
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 008B2D63
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00CF2DFD
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00CF2DBA
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00CF2D7E
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!send 71A1428A 5 Bytes JMP 00CF2BEF
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00CF2CE1
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00CF2C27
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00CF2C5F
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00CF2D63
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 5CD12DFD
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 5CD12DBA
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 5CD12D7E
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!send 71A1428A 5 Bytes JMP 5CD12BEF
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 5CD12CE1
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!recv 71A1615A 5 Bytes JMP 5CD12C27
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 5CD12C5F
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 5CD12D63
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 018E2DFD
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 018E2DBA
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 018E2D7E
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!send 71A1428A 5 Bytes JMP 018E2BEF
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 018E2CE1
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!recv 71A1615A 5 Bytes JMP 018E2C27
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 018E2C5F
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 018E2D63
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 0F3B2DFD
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 0F3B2DBA
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 0F3B2D7E
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!send 71A1428A 5 Bytes JMP 0F3B2BEF
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 0F3B2CE1
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!recv 71A1615A 5 Bytes JMP 0F3B2C27
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 0F3B2C5F
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 0F3B2D63
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00972DFD
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00972DBA
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00972D7E
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!send 71A1428A 5 Bytes JMP 00972BEF
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00972CE1
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00972C27
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00972C5F
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00972D63
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00B92DFD
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00B92DBA
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00B92D7E
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!send 71A1428A 5 Bytes JMP 00B92BEF
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00B92CE1
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00B92C27
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00B92C5F
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00B92D63
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00802DFD
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00802DBA
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00802D7E
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!send 71A1428A 5 Bytes JMP 00802BEF
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00802CE1
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00802C27
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00802C5F
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00802D63
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 02FA2DFD
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 02FA2DBA
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 02FA2D7E
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!send 71A1428A 5 Bytes JMP 02FA2BEF
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 02FA2CE1
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!recv 71A1615A 5 Bytes JMP 02FA2C27
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 02FA2C5F
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 02FA2D63
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 01382DFD
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 01382DBA
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 01382D7E
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!send 71A1428A 5 Bytes JMP 01382BEF
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 01382CE1
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!recv 71A1615A 5 Bytes JMP 01382C27
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 01382C5F
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 01382D63
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ntdll.dll!RtlNumberOfSetBits + 4B 7C96E6BB 1 Byte [9B]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00B72DFD
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00B72DBA
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00B72D7E
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!send 71A1428A 5 Bytes JMP 00B72BEF
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00B72CE1
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00B72C27
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00B72C5F
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00B72D63

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D22F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D22CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D22D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D22CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003B2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003B2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

Andrea85 11.06.2009 03:40

Part 2:
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003B2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003B2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01122F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01122CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01122D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01122CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00892F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00892CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00892D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00892CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [63602065] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AD2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AD2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AD2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AD2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A42F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A42CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A42D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A42CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DD2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DD2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DD2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DD2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009B2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009B2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009B2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009B2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F42F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F42CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F42D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F42CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B02F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B02CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B02D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B02CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

Andrea85 11.06.2009 03:41

Part 3:
---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

---- Threads - GMER 1.0.15 ----

Thread System [4:1200] 896462D0
Thread System [4:1204] 896329C6
Thread System [4:1208] 89664357
Thread System [4:1212] 89635941
Thread System [4:3392] 896462D0
Thread System [4:3396] 896329C6
Thread System [4:3400] 89664357
Thread System [4:3404] 89635941
Thread System [4:3260] 896462D0
Thread System [4:3096] 896329C6
Thread System [4:3252] 89664357
Thread System [4:3268] 89635941

---- Files - GMER 1.0.15 ----

File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Crash Reports\pending\f0562edc-b944-4243-84a4-6813ac1cc465.dmp 0 bytes
File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Crash Reports\pending\f0562edc-b944-4243-84a4-6813ac1cc465.extra 0 bytes
File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\8cg84vop.default\places.sqlite-journal 111320 bytes

---- EOF - GMER 1.0.15 ----



The mbr.log looks like this:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK


I look forward to your help!


All times are WET +1.
