Home » Viren, Trojaner & Malware Forum » TR/Obfuscated.29996C » Themenansicht

Firefox Tipp: Instantfox - Quick Search Add-On!

Seite(n): 1 2 3

Antworten

TR/Obfuscated.29996C

24.02.2011, 18:52

virenfinder

Member

Beiträge: 3716

#31 nur scannen :-)

24.02.2011, 21:23

vienisa

Member

Themenstarter

Beiträge: 22

#32 bin etwas verzweifelt

hab gmer gestartet, aber so wie es in deinem Link steht, muss ich gar nicht auf scan klicken? reicht nur der ganz schnelle scan den er automatisch nach dem start macht? oder muss ich diese 4 stunden langen scan machen?

25.02.2011, 07:51

vienisa

Member

Themenstarter

Beiträge: 22

#33 hab den langen scan gemacht. log:

Code

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-25 05:59:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD2500KS-00MJB0 rev.02.01C03
Running: o4p98rcw.exe; Driver: C:\DOCUME~1\VARTOT~1\LOCALS~1\Temp\pxtdapob.sys


---- System - GMER 1.0.15 ----

SSDT    F7C563FE                                                                                                                                                   ZwCreateKey
SSDT    F7C563F4                                                                                                                                                   ZwCreateThread
SSDT    F7C56403                                                                                                                                                   ZwDeleteKey
SSDT    F7C5640D                                                                                                                                                   ZwDeleteValueKey
SSDT    sptd.sys                                                                                                                                                   ZwEnumerateKey [0xF73C984C]
SSDT    sptd.sys                                                                                                                                                   ZwEnumerateValueKey [0xF73C9BEC]
SSDT    F7C56412                                                                                                                                                   ZwLoadKey
SSDT    sptd.sys                                                                                                                                                   ZwOpenKey [0xF73C4090]
SSDT    F7C563E0                                                                                                                                                   ZwOpenProcess
SSDT    F7C563E5                                                                                                                                                   ZwOpenThread
SSDT    sptd.sys                                                                                                                                                   ZwQueryKey [0xF73C9CC4]
SSDT    sptd.sys                                                                                                                                                   ZwQueryValueKey [0xF73C9B44]
SSDT    F7C5641C                                                                                                                                                   ZwReplaceKey
SSDT    F7C56417                                                                                                                                                   ZwRestoreKey
SSDT    F7C56408                                                                                                                                                   ZwSetValueKey

Code    8767D4FC                                                                                                                                                   NlsAnsiCodePage

---- Kernel code sections - GMER 1.0.15 ----

?       C:\WINDOWS\system32\drivers\sptd.sys                                                                                                                       The process cannot access the file because it is being used by another process.
.text   C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                                                                   section is writeable [0xF6D0B360, 0x240F7E, 0xE8000020]
.text   USBPORT.SYS!DllUnload                                                                                                                                      F6CAF8AC 5 Bytes  JMP 86FC53C8 
?       System32\Drivers\a15it5j0.SYS                                                                                                                              The system cannot find the path specified. !

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT     atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                                                         [F73C4ABA] sptd.sys
IAT     atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                                                                 [F73C4C00] sptd.sys
IAT     atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                                                        [F73C4B82] sptd.sys
IAT     atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                                                                [F73C572E] sptd.sys
IAT     atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                                                        [F73C5604] sptd.sys
IAT     \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                                                         [F73D7B9A] sptd.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT     C:\Documents and Settings\Vartotojas\Desktop\o4p98rcw.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                 [00802E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Documents and Settings\Vartotojas\Desktop\o4p98rcw.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                        [00802C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Documents and Settings\Vartotojas\Desktop\o4p98rcw.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                      [00802C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Documents and Settings\Vartotojas\Desktop\o4p98rcw.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                            [00802C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\Explorer.EXE[1916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                                  [01A72E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\Explorer.EXE[1916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                         [01A72C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\Explorer.EXE[1916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                                       [01A72C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\Explorer.EXE[1916] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                             [01A72C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2088] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                             [00C52E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2088] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                    [00C52C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2088] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                  [00C52C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[2088] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                        [00C52C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\RunDLL32.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                         [00B12E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\RunDLL32.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                [00B12C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\RunDLL32.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                              [00B12C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\RunDLL32.exe[2172] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                    [00B12C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\RTHDCPL.EXE[2204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                                   [01AE2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\RTHDCPL.EXE[2204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                          [01AE2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\RTHDCPL.EXE[2204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                                        [01AE2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\RTHDCPL.EXE[2204] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                              [01AE2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe[2248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                         [00A02E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe[2248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                [00A02C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe[2248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                              [00A02C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe[2248] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                    [00A02C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe[2432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                 [00B22E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe[2432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]        [00B22C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe[2432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                      [00B22C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe[2432] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]            [00B22C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                      [00B22E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                             [00B22C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                           [00B22C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[2448] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                 [00B22C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                               [00A92E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                      [00A92C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                    [00A92C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe[2480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                          [00A92C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                    [009C2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                           [009C2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                         [009C2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe[2512] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                               [009C2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe[2528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]           [00A32E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe[2528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]  [00A32C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe[2528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                [00A32C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe[2528] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]      [00A32C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                         [00AC2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                [00AC2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                              [00AC2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Avira\AntiVir Desktop\avgnt.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                    [00AC2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe[2560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                   [00A12E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe[2560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                          [00A12C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe[2560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                        [00A12C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe[2560] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                              [00A12C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Java\Java Update\jusched.exe[2580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                               [00C62E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Java\Java Update\jusched.exe[2580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                      [00C62C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Java\Java Update\jusched.exe[2580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                    [00C62C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Java\Java Update\jusched.exe[2580] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                          [00C62C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[2624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                 [010C2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[2624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                        [010C2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[2624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                      [010C2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[2624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                            [010C2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\ctfmon.exe[2644] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                           [00A52E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\ctfmon.exe[2644] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                  [00A52C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\ctfmon.exe[2644] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                                [00A52C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\ctfmon.exe[2644] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                      [00A52C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                  [009D2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                         [009D2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                       [009D2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE[2696] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                             [009D2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[2732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                    [01022E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[2732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                           [01022C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[2732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                         [01022C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[2732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                               [01022C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[2796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                    [023C2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[2796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                           [023C2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[2796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                         [023C2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[2796] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                               [023C2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\wscntfy.exe[3036] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                          [00932E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\wscntfy.exe[3036] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                 [00932C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\wscntfy.exe[3036] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                                               [00932C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\WINDOWS\system32\wscntfy.exe[3036] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                     [00932C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\COCIManager.exe[3692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                     [00AC2E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\COCIManager.exe[3692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                            [00AC2C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\COCIManager.exe[3692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                                          [00AC2C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam10\COCIManager.exe[3692] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                [00AC2C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

Device  \FileSystem\Ntfs \Ntfs                                                                                                                                     8715F1D8
Device  \Driver\usbuhci \Device\USBPDO-0                                                                                                                           86F967C0
Device  \Driver\dmio \Device\DmControl\DmIoDaemon                                                                                                                  871D41D8
Device  \Driver\dmio \Device\DmControl\DmConfig                                                                                                                    871D41D8
Device  \Driver\dmio \Device\DmControl\DmPnP                                                                                                                       871D41D8
Device  \Driver\dmio \Device\DmControl\DmInfo                                                                                                                      871D41D8
Device  \Driver\usbuhci \Device\USBPDO-1                                                                                                                           86F967C0
Device  \Driver\usbuhci \Device\USBPDO-2                                                                                                                           86F967C0
Device  \Driver\00000050 \Device\00000046                                                                                                                          sptd.sys
Device  \Driver\usbuhci \Device\USBPDO-3                                                                                                                           86F967C0
Device  \Driver\usbehci \Device\USBPDO-4                                                                                                                           86FC2980
Device  \Driver\Ftdisk \Device\HarddiskVolume1                                                                                                                     871611D8
Device  \Driver\Cdrom \Device\CdRom0                                                                                                                               86FA21D8
Device  \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                                                                [F7318B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device  \Driver\atapi \Device\Ide\IdePort0                                                                                                                         [F7318B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device  \Driver\atapi \Device\Ide\IdePort1                                                                                                                         [F7318B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device  \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e                                                                                                                [F7318B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device  \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                                    86BE1980
Device  \Driver\NetBT \Device\NetbiosSmb                                                                                                                           86BE1980
Device  \Driver\usbuhci \Device\USBFDO-0                                                                                                                           86F967C0
Device  \Driver\usbuhci \Device\USBFDO-1                                                                                                                           86F967C0
Device  \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                                                          86BC8980
Device  \Driver\usbuhci \Device\USBFDO-2                                                                                                                           86F967C0
Device  \FileSystem\MRxSmb \Device\LanmanRedirector                                                                                                                86BC8980
Device  \Driver\usbuhci \Device\USBFDO-3                                                                                                                           86F967C0
Device  \Driver\usbehci \Device\USBFDO-4                                                                                                                           86FC2980
Device  \Driver\Ftdisk \Device\FtControl                                                                                                                           871611D8
Device  \Driver\a15it5j0 \Device\Scsi\a15it5j01                                                                                                                    86FA1980
Device  \FileSystem\Cdfs \Cdfs                                                                                                                                     86CBF980

---- Registry - GMER 1.0.15 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                                                         528608841
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                                                         -846570619
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                                                         1
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                           
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                        C:\Program Files\Alcohol Soft\Alcohol 120\
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                        0
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                     0x68 0xB4 0x82 0x04 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                                                  
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                               0x20 0x01 0x00 0x00 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                            0x16 0x97 0xBA 0xA1 ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                                           
Reg     HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                     0xBE 0x1C 0x0C 0xAE ...
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                       
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                            C:\Program Files\Alcohol Soft\Alcohol 120\
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                            0
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                         0x68 0xB4 0x82 0x04 ...
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                              
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                   0x20 0x01 0x00 0x00 ...
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                0x16 0x97 0xBA 0xA1 ...
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                                       
Reg     HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                         0xBE 0x1C 0x0C 0xAE ...
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                                       
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                            C:\Program Files\Alcohol Soft\Alcohol 120\
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                            0
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                         0x68 0xB4 0x82 0x04 ...
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                              
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                                   0x20 0x01 0x00 0x00 ...
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                                0x16 0x97 0xBA 0xA1 ...
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                                       
Reg     HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                         0xBE 0x1C 0x0C 0xAE ...
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout                                                                         15
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota                                                                            10000
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler                                                                                          yes
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk                                                                                         
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout                                                                         90
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota                                                                           10000
Reg     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@LoadAppInit_DLLs                                                                                 1
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8C3B442-5163-94E5-6429-17EE1399D930}                                            
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8C3B442-5163-94E5-6429-17EE1399D930}@oacbgpghfakgjoddmmaialfpnomfcg             0x61 0x69 0x61 0x63 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8C3B442-5163-94E5-6429-17EE1399D930}@iabbmnbfkndaphbhec                         0x6A 0x61 0x6E 0x62 ...
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8C3B442-5163-94E5-6429-17EE1399D930}@hahbcpghgknidilf                           0x6A 0x61 0x6B 0x62 ...

---- EOF - GMER 1.0.15 ----

25.02.2011, 11:46

virenfinder

Member

Beiträge: 3716

#34 wie läuft das system?

27.02.2011, 17:59

vienisa

Member

Themenstarter

Beiträge: 22

#35 spüre keine Beeinträchtigungen, wie auch bisher. War jetzt das WE nicht zu Hause, mal sehen, ob Avira sich wieder meldet

27.02.2011, 18:16

virenfinder

Member

Beiträge: 3716

#36 avira
http://www.paules-pc-forum.de/forum/4-pc-sicherheit/132338-avira-10-free-einrichtung.html#post808038
avira 10 so instalieren bzw. dann konfigurieren. wenn du die konfiguration übernommen hast, update das programm.
bitte auch unter verwaltung, planer, scan auftrag, darauf achten, das dieser über lokale laufwerke läuft! sonst werden die einstellungen nicht gültig.
den update auftrag auf 1x pro tag einstellen.
und "nachhohlen falls zeit überschritten" auswählen
klicke dann auf "lokaler schutz" "lokale laufwerke" eventuelle funde in quarantäne, log posten.

28.02.2011, 00:50

vienisa

Member

Themenstarter

Beiträge: 22

#37 Avira 10 log:

Code

Avira AntiVir Personal
Erstellungsdatum der Reportdatei: 2011 m. vasario 28 d.  00:43

Es wird nach 2437956 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - FREE Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows XP
Windowsversion : (Service Pack 3)  [5.1.2600]
Boot Modus     : Normal gebootet
Benutzername   : Vartotojas
Computername   : PC1

Versionsinformationen:
BUILD.DAT      : 10.0.0.611     31824 Bytes  2011.01.14 13:28:00
AVSCAN.EXE     : 10.0.3.5      435368 Bytes  2011.01.10 12:22:56
AVSCAN.DLL     : 10.0.3.0       56168 Bytes  2011.01.10 12:23:14
LUKE.DLL       : 10.0.3.2      104296 Bytes  2011.01.10 12:23:03
LUKERES.DLL    : 10.0.0.0       13672 Bytes  2010.01.14 09:59:47
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  2009.11.06 07:05:36
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  2010.12.14 12:23:11
VBASE002.VDF   : 7.11.3.0     1950720 Bytes  2011.02.09 22:28:19
VBASE003.VDF   : 7.11.3.1        2048 Bytes  2011.02.09 22:28:19
VBASE004.VDF   : 7.11.3.2        2048 Bytes  2011.02.09 22:28:19
VBASE005.VDF   : 7.11.3.3        2048 Bytes  2011.02.09 22:28:19
VBASE006.VDF   : 7.11.3.4        2048 Bytes  2011.02.09 22:28:19
VBASE007.VDF   : 7.11.3.5        2048 Bytes  2011.02.09 22:28:19
VBASE008.VDF   : 7.11.3.6        2048 Bytes  2011.02.09 22:28:19
VBASE009.VDF   : 7.11.3.7        2048 Bytes  2011.02.09 22:28:19
VBASE010.VDF   : 7.11.3.8        2048 Bytes  2011.02.09 22:28:19
VBASE011.VDF   : 7.11.3.9        2048 Bytes  2011.02.09 22:28:19
VBASE012.VDF   : 7.11.3.10       2048 Bytes  2011.02.09 22:28:19
VBASE013.VDF   : 7.11.3.59     157184 Bytes  2011.02.14 22:28:19
VBASE014.VDF   : 7.11.3.97     120320 Bytes  2011.02.16 22:28:19
VBASE015.VDF   : 7.11.3.148    128000 Bytes  2011.02.19 22:28:20
VBASE016.VDF   : 7.11.3.183    140288 Bytes  2011.02.22 22:28:20
VBASE017.VDF   : 7.11.3.216    124416 Bytes  2011.02.24 22:28:20
VBASE018.VDF   : 7.11.3.217      2048 Bytes  2011.02.24 22:28:20
VBASE019.VDF   : 7.11.3.218      2048 Bytes  2011.02.24 22:28:20
VBASE020.VDF   : 7.11.3.219      2048 Bytes  2011.02.24 22:28:20
VBASE021.VDF   : 7.11.3.220      2048 Bytes  2011.02.24 22:28:20
VBASE022.VDF   : 7.11.3.221      2048 Bytes  2011.02.24 22:28:20
VBASE023.VDF   : 7.11.3.222      2048 Bytes  2011.02.24 22:28:20
VBASE024.VDF   : 7.11.3.223      2048 Bytes  2011.02.24 22:28:20
VBASE025.VDF   : 7.11.3.224      2048 Bytes  2011.02.24 22:28:20
VBASE026.VDF   : 7.11.3.225      2048 Bytes  2011.02.24 22:28:20
VBASE027.VDF   : 7.11.3.226      2048 Bytes  2011.02.24 22:28:20
VBASE028.VDF   : 7.11.3.227      2048 Bytes  2011.02.24 22:28:20
VBASE029.VDF   : 7.11.3.228      2048 Bytes  2011.02.24 22:28:20
VBASE030.VDF   : 7.11.3.229      2048 Bytes  2011.02.24 22:28:20
VBASE031.VDF   : 7.11.3.241     70656 Bytes  2011.02.27 22:28:20
Engineversion  : 8.2.4.176 
AEVDF.DLL      : 8.1.2.1       106868 Bytes  2011.01.10 12:22:51
AESCRIPT.DLL   : 8.1.3.55     1282426 Bytes  2011.02.27 22:28:24
AESCN.DLL      : 8.1.7.2       127349 Bytes  2011.01.10 12:22:49
AESBX.DLL      : 8.1.3.2       254324 Bytes  2011.01.10 12:22:49
AERDL.DLL      : 8.1.9.2       635252 Bytes  2011.01.10 12:22:49
AEPACK.DLL     : 8.2.4.10      520567 Bytes  2011.02.27 22:28:24
AEOFFICE.DLL   : 8.1.1.16      205179 Bytes  2011.02.27 22:28:23
AEHEUR.DLL     : 8.1.2.81     3314038 Bytes  2011.02.27 22:28:23
AEHELP.DLL     : 8.1.16.1      246134 Bytes  2011.02.27 22:28:21
AEGEN.DLL      : 8.1.5.2       397683 Bytes  2011.02.27 22:28:21
AEEMU.DLL      : 8.1.3.0       393589 Bytes  2011.01.10 12:22:42
AECORE.DLL     : 8.1.19.2      196983 Bytes  2011.02.27 22:28:21
AEBB.DLL       : 8.1.1.0        53618 Bytes  2011.01.10 12:22:41
AVWINLL.DLL    : 10.0.0.0       19304 Bytes  2011.01.10 12:22:56
AVPREF.DLL     : 10.0.0.0       44904 Bytes  2011.01.10 12:22:55
AVREP.DLL      : 10.0.0.8       62209 Bytes  2010.06.17 12:26:53
AVREG.DLL      : 10.0.3.2       53096 Bytes  2011.01.10 12:22:55
AVSCPLR.DLL    : 10.0.3.2       84328 Bytes  2011.01.10 12:22:56
AVARKT.DLL     : 10.0.22.6     231784 Bytes  2011.01.10 12:22:51
AVEVTLOG.DLL   : 10.0.0.8      203112 Bytes  2011.01.10 12:22:54
SQLITE3.DLL    : 3.6.19.0      355688 Bytes  2010.06.17 12:27:02
AVSMTP.DLL     : 10.0.0.17      63848 Bytes  2011.01.10 12:22:56
NETNT.DLL      : 10.0.0.0       11624 Bytes  2010.06.17 12:27:01
RCIMAGE.DLL    : 10.0.0.26    2550120 Bytes  2010.01.28 11:10:08
RCTEXT.DLL     : 10.0.58.0      98152 Bytes  2011.01.10 12:23:15

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\alldrives.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, A:, D:, 
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Optimierter Suchlauf..................: ein
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 10
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: hoch
Abweichende Gefahrenkategorien........: +PCK,+PFS,+SPR,

Beginn des Suchlaufs: 2011 m. vasario 28 d.  00:43

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'rsmsink.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'skypePM.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Skype.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'msdtc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'COCIManager.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.bin' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AbbyyNewsReader.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'OpwareSE4.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'LVComSX.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'QuickCam10.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Communications_Helper.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'OrderReminder.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'alg.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RUNDLL32.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RTHDCPL.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GrooveMonitor.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'StarWindService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvsvc32.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jqs.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'LVPrcSrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'A:\'
    [INFO]      Im  Laufwerk 'A:\' ist kein Datenträger eingelegt!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1713' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
Beginne mit der Suche in 'A:\'
Der zu durchsuchende Pfad A:\ konnte nicht geöffnet werden!
Systemfehler [21]: The device is not ready.
Beginne mit der Suche in 'D:\'
Der zu durchsuchende Pfad D:\ konnte nicht geöffnet werden!
Systemfehler [21]: The device is not ready.


Ende des Suchlaufs: 2011 m. vasario 28 d.  01:47
Benötigte Zeit:  1:03:27 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  12604 Verzeichnisse wurden überprüft
 484347 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 484347 Dateien ohne Befall
   6309 Archive wurden durchsucht
      0 Warnungen
      0 Hinweise
  72335 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden

28.02.2011, 12:14

virenfinder

Member

Beiträge: 3716

#38 http://www.eset.com/online-scanner
nutze den eset online scan log posten

28.02.2011, 14:01

vienisa

Member

Themenstarter

Beiträge: 22

#39 eset log:

Code

C:\Documents and Settings\Vartotojas\Application Data\Sun\Java\Deployment\cache\6.0\12\47b69f8c-3b4fdec3    multiple threats    deleted - quarantined
C:\Documents and Settings\Vartotojas\Application Data\Sun\Java\Deployment\cache\6.0\49\56286871-32d79e92    Java/TrojanDownloader.OpenStream.AF trojan    deleted - quarantined
C:\Documents and Settings\Vartotojas\My Documents\Ievos\zaidimas\gns-gfkm.iso    probably a variant of Win32/Agent.FYLIJUH trojan    deleted - quarantined
C:\Documents and Settings\Vartotojas\My Documents\Ievos\zaidimas\Alcohol.120.v1.9.6.4719.Retail.Multilangages.Incl-Crack\Crack\keymaker.exe    probably a variant of Win32/Agent.CWORLZS trojan    cleaned by deleting - quarantined
C:\Program Files\eMule\Incoming\tegu buna\Clone DVD2 + Any DVD+ crack+serial.zip    probably a variant of Win32/Adware.Agent.EQTHDWD application    deleted - quarantined
C:\WINDOWS\system32\drivers\etc\hosts    Win32/Qhost trojan    cleaned by deleting - quarantined

28.02.2011, 17:57

virenfinder

Member

Beiträge: 3716

#40 C:\Documents and Settings\Vartotojas\My Documents\Ievos\zaidimas\Alcohol.120.v1.9.6.4719.Retail.Multilangages.Incl-Crack\Crack\keymaker.exeprobably
wer so was nutzt muss sich nicht wundern.
cracks keygens etc unterstützen wir nicht da gibts nur hilfe beim neu aufsetzen

28.02.2011, 18:46

vienisa

Member

Themenstarter

Beiträge: 22

#41 ok. bin zwar der Meinung, dass ich für die Menschen und die ganzen Jahre, die der PC bis jetzt benutzt wurde, nicht verantworten kann, aber werde jetzt nicht anfangen mich zu rechtfertigen. jedenfalls danke für deinen Geduld und Zeit.

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

Seite(n): 1 2 3