
Pests of all kinds and how to combat them: AntiVir reports BOO/Sinowal.D - false alarm?


11.06.2009, 03:39   #1
Andrea85
 

Hello everyone,
AntiVir reported that this malware is located in 2 boot sectors. As an alternative I installed BitDefender, which now finds nothing. Could this be a false alarm?

My GMER log looks like this (for C

---- System - GMER 1.0.15 ----

SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenProcess [0x9E3CFC90]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenThread [0x9E3CFD7E]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateProcess [0x9E3CFBF4]
SSDT \??\C:\Programme\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateThread [0x9E3CFEC4]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00882DFD
.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00882DBA
.text C:\WINDOWS\system32\wdfmgr.exe[248] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00882D7E
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!send 71A1428A 5 Bytes JMP 00882BEF
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00882CE1
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00882C27
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00882C5F
.text C:\WINDOWS\system32\wdfmgr.exe[248] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00882D63
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 008B2DFD
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 008B2DBA
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 008B2D7E
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!send 71A1428A 5 Bytes JMP 008B2BEF
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 008B2CE1
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!recv 71A1615A 5 Bytes JMP 008B2C27
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 008B2C5F
.text C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe[796] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 008B2D63
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00CF2DFD
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00CF2DBA
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00CF2D7E
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!send 71A1428A 5 Bytes JMP 00CF2BEF
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00CF2CE1
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00CF2C27
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00CF2C5F
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe[1120] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00CF2D63
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 5CD12DFD
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 5CD12DBA
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 5CD12D7E
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!send 71A1428A 5 Bytes JMP 5CD12BEF
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 5CD12CE1
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!recv 71A1615A 5 Bytes JMP 5CD12C27
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 5CD12C5F
.text C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe[1192] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 5CD12D63
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 018E2DFD
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 018E2DBA
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 018E2D7E
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!send 71A1428A 5 Bytes JMP 018E2BEF
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 018E2CE1
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!recv 71A1615A 5 Bytes JMP 018E2C27
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 018E2C5F
.text C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe[1592] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 018E2D63
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 0F3B2DFD
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 0F3B2DBA
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 0F3B2D7E
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!send 71A1428A 5 Bytes JMP 0F3B2BEF
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 0F3B2CE1
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!recv 71A1615A 5 Bytes JMP 0F3B2C27
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 0F3B2C5F
.text C:\Programme\BitDefender\BitDefender 2009\vsserv.exe[1612] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 0F3B2D63
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00972DFD
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00972DBA
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00972D7E
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!send 71A1428A 5 Bytes JMP 00972BEF
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00972CE1
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00972C27
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00972C5F
.text C:\Programme\Canon\CAL\CALMAIN.exe[1816] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00972D63
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00B92DFD
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00B92DBA
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00B92D7E
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!send 71A1428A 5 Bytes JMP 00B92BEF
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00B92CE1
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00B92C27
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00B92C5F
.text C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[1908] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00B92D63
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00802DFD
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00802DBA
.text C:\WINDOWS\System32\alg.exe[2216] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00802D7E
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!send 71A1428A 5 Bytes JMP 00802BEF
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00802CE1
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00802C27
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00802C5F
.text C:\WINDOWS\System32\alg.exe[2216] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00802D63
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 02FA2DFD
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 02FA2DBA
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 02FA2D7E
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!send 71A1428A 5 Bytes JMP 02FA2BEF
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 02FA2CE1
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!recv 71A1615A 5 Bytes JMP 02FA2C27
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 02FA2C5F
.text C:\Programme\BitDefender\BitDefender 2009\seccenter.exe[2788] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 02FA2D63
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 01382DFD
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 01382DBA
.text C:\WINDOWS\Explorer.EXE[3676] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 01382D7E
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!send 71A1428A 5 Bytes JMP 01382BEF
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 01382CE1
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!recv 71A1615A 5 Bytes JMP 01382C27
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 01382C5F
.text C:\WINDOWS\Explorer.EXE[3676] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 01382D63
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ntdll.dll!RtlNumberOfSetBits + 4B 7C96E6BB 1 Byte [9B]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptDestroyKey 77DBA544 7 Bytes JMP 00B72DFD
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptDecrypt 77DBA7B1 7 Bytes JMP 00B72DBA
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] ADVAPI32.dll!CryptEncrypt 77DC1558 7 Bytes JMP 00B72D7E
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!send 71A1428A 5 Bytes JMP 00B72BEF
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!WSARecv 71A14318 5 Bytes JMP 00B72CE1
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!recv 71A1615A 5 Bytes JMP 00B72C27
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!WSASend 71A16233 5 Bytes JMP 00B72C5F
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[3824] WS2_32.dll!closesocket 71A19639 5 Bytes JMP 00B72D63

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D22F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D22CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D22D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\MediaDet.Exe[1540] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D22CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe[1668] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003B2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003B2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

11.06.2009, 03:40   #2
Andrea85
 

Part 2:
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003B2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Spybot - Search & Destroy\TeaTimer.exe[1852] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003B2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009C2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009C2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009C2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[2388] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009C2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01122F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01122CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01122D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe[2608] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01122CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT D:\***\Installationsdateien\1c81vpso.exe[3040] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00892F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00892CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00892D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00892CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [6360208F] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [63602065] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[3220] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Programme\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009D2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009D2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009D2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Ati2evxx.exe[3556] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009D2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AD2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AD2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AD2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[3676] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AD2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00982F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00982CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00982D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\SOINTGR.EXE[3912] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00982CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A42F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A42CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A42D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\LVCOMSX.EXE[3924] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A42CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DD2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DD2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DD2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Creative\ShareDLL\CtNotify.exe[3948] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DD2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe[4008] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [009B2F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [009B2CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [009B2D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\QuickTime\qttask.exe[4020] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [009B2CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F42F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F42CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F42D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Logitech\QuickCam\Quickcam.exe[4052] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F42CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B02F30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B02CA0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B02D00] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe[4072] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B02CD0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)


11.06.2009, 03:41   #3
Andrea85

AntiVir reports BOO/Sinowal.D - false alarm?

Part 3
---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)

---- Threads - GMER 1.0.15 ----

Thread System [4:1200] 896462D0
Thread System [4:1204] 896329C6
Thread System [4:1208] 89664357
Thread System [4:1212] 89635941
Thread System [4:3392] 896462D0
Thread System [4:3396] 896329C6
Thread System [4:3400] 89664357
Thread System [4:3404] 89635941
Thread System [4:3260] 896462D0
Thread System [4:3096] 896329C6
Thread System [4:3252] 89664357
Thread System [4:3268] 89635941

---- Files - GMER 1.0.15 ----

File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Crash Reports\pending\f0562edc-b944-4243-84a4-6813ac1cc465.dmp 0 bytes
File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Crash Reports\pending\f0562edc-b944-4243-84a4-6813ac1cc465.extra 0 bytes
File C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\8cg84vop.default\places.sqlite-journal 111320 bytes

---- EOF - GMER 1.0.15 ----



The mbr.log looks like this:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK


I'd appreciate your help!