Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Rootkit gefunden. Was tun?

Rootkit gefunden. Was tun?


Plagegeister aller Art und deren Bekämpfung: Rootkit gefunden. Was tun?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 28.12.2009, 10:53   #1
lennox1982
 
Rootkit gefunden. Was tun? - Standard

Rootkit gefunden. Was tun?


Hallo,

ich habe gerade schon einen PC in Arbeit, da hier ein Trojaner aufgetaucht ist. Habe deshalb mit diesem PC das Internet gar nicht mehr benutzt und mit einem anderen alles hier gelesen. Habe dann auch hier die Programme mitlaufen lassen und dann zeigt es mir an, dass ich einen Rootkit hätte. Ich habe das gmer-Programm drüberlaufen lassen und dann kam folgendes bei raus:

Code:
ATTFilter
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-27 18:23:37
Windows 6.0.6001 Service Pack 1
Running: ilfmjif8.exe; Driver: C:\Users\Tobias\AppData\Local\Temp\fxldipod.sys


---- System - GMER 1.0.15 ----

SSDT            9BB1B8F4                                                                                                                                             ZwCreateThread
SSDT            9BB1B8E0                                                                                                                                             ZwOpenProcess
SSDT            9BB1B8E5                                                                                                                                             ZwOpenThread
SSDT            9BB1B8EF                                                                                                                                             ZwTerminateProcess
SSDT            9BB1B8EA                                                                                                                                             ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!KeSetTimerEx + 454                                                                                                                      822C3A18 4 Bytes  [F4, B8, B1, 9B]
.text           ntkrnlpa.exe!KeSetTimerEx + 624                                                                                                                      822C3BE8 4 Bytes  [E0, B8, B1, 9B] {LOOPNZ 0xffffffffffffffba; MOV CL, 0x9b}
.text           ntkrnlpa.exe!KeSetTimerEx + 640                                                                                                                      822C3C04 4 Bytes  [E5, B8, B1, 9B] {IN EAX, 0xb8; MOV CL, 0x9b}
.text           ntkrnlpa.exe!KeSetTimerEx + 854                                                                                                                      822C3E18 4 Bytes  [EF, B8, B1, 9B]
.text           ntkrnlpa.exe!KeSetTimerEx + 8B4                                                                                                                      822C3E78 4 Bytes  JMP 909BB1B8 
.text           C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                                                             section is writeable [0x8E40B340, 0x3E9407, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Program Files\Java\jre6\bin\jusched.exe[1308] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                         [003C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Java\jre6\bin\jusched.exe[1308] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                              [003C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Java\jre6\bin\jusched.exe[1308] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                [003C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Java\jre6\bin\jusched.exe[1308] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                    [003C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[1444] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                   [00342F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[1444] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                        [00342D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[1444] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                          [00342CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[1444] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                              [00342CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Skype\Phone\Skype.exe[1688] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                             [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Skype\Phone\Skype.exe[1688] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                  [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Skype\Phone\Skype.exe[1688] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                    [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Skype\Phone\Skype.exe[1688] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                        [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[1724] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]               [009A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[1724] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                    [009A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[1724] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]      [009A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[1724] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]          [009A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Tobias\Desktop\ilfmjif8.exe[1884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                               [00172F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Tobias\Desktop\ilfmjif8.exe[1884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [00172D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Tobias\Desktop\ilfmjif8.exe[1884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [00172CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Tobias\Desktop\ilfmjif8.exe[1884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [00172CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\iTunes\iTunesHelper.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                           [00CD2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\iTunes\iTunesHelper.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                [00CD2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\iTunes\iTunesHelper.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                  [00CD2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\iTunes\iTunesHelper.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                      [00CD2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\RtHDVCpl.exe[2276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                            [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\RtHDVCpl.exe[2276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                                 [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\RtHDVCpl.exe[2276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                   [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\RtHDVCpl.exe[2276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                       [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe[2504] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                   [00602F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe[2504] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                        [00602D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe[2504] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]          [00602CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe[2504] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]              [00602CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\WLTRAY.EXE[2540] @ C:\Windows\system32\KERNEL32.dll [ntdll.dll!NtCreateFile]                                                     [00222F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\WLTRAY.EXE[2540] @ C:\Windows\system32\KERNEL32.dll [ntdll.dll!NtClose]                                                          [00222D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\WLTRAY.EXE[2540] @ C:\Windows\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile]                                            [00222CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\WLTRAY.EXE[2540] @ C:\Windows\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject]                                                [00222CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehtray.exe[2580] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                        [00202F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehtray.exe[2580] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                             [00202D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehtray.exe[2580] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                               [00202CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehtray.exe[2580] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                   [00202CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2772] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                      [00292F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2772] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                           [00292D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2772] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                             [00292CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2772] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                 [00292CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Google\Google Talk\googletalk.exe[2884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                 [01F52F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Google\Google Talk\googletalk.exe[2884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                      [01F52D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Google\Google Talk\googletalk.exe[2884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                        [01F52CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Google\Google Talk\googletalk.exe[2884] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                            [01F52CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe[3328] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]           [003A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe[3328] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                [003A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe[3328] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]  [003A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe[3328] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]      [003A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Dell\QuickSet\quickset.exe[3340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                        [01722F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Dell\QuickSet\quickset.exe[3340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                             [01722D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Dell\QuickSet\quickset.exe[3340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                               [01722CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Dell\QuickSet\quickset.exe[3340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                   [01722CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[3380] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                       [003D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[3380] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                            [003D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[3380] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]              [003D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[3380] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                  [003D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe[3392] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                        [003C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe[3392] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                             [003C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe[3392] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]               [003C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe[3392] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                   [003C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[3452] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[3452] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                     [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[3452] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                       [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Logitech\QuickCam10\QuickCam10.exe[3452] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                           [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\taskeng.exe[3468] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                    [00352F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\taskeng.exe[3468] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                         [00352D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\taskeng.exe[3468] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                           [00352CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\taskeng.exe[3468] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                               [00352CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Napster\napster.exe[3488] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                               [001B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Napster\napster.exe[3488] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [001B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Napster\napster.exe[3488] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [001B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Napster\napster.exe[3488] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [001B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\Dwm.exe[3512] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                        [000B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\Dwm.exe[3512] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                             [000B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\Dwm.exe[3512] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                               [000B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\Dwm.exe[3512] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                   [000B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3596] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                   [001E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3596] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [001E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3596] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [001E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3596] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [001E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                                [740488B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                                 [740898A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                             [7404B9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                                       [7403FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                                 [74047A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                              [7403EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                                  [7407B17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                                     [7404BC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                             [7404074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                              [740406B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                               [740371B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                                       [740CD848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                                          [74067379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                             [7403E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                                       [7403697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                                      [740369A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                                         [74042465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                            [005B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                                 [005B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                   [005B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\Explorer.EXE[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                       [005B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynToshiba.exe[3876] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                    [003D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynToshiba.exe[3876] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                         [003D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynToshiba.exe[3876] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                           [003D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Synaptics\SynTP\SynToshiba.exe[3876] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                               [003D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                   [000B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [000B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [000B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\System32\rundll32.exe[3928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [000B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehmsas.exe[4216] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                        [00182F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehmsas.exe[4216] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                             [00182D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehmsas.exe[4216] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                               [00182CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\ehome\ehmsas.exe[4216] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                   [00182CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\wuauclt.exe[4244] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                    [00802F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\wuauclt.exe[4244] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                         [00802D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\wuauclt.exe[4244] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                           [00802CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\system32\wuauclt.exe[4244] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                               [00802CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Java\jre6\bin\jucheck.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                         [00462F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Java\jre6\bin\jucheck.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                              [00462D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Java\jre6\bin\jucheck.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                [00462CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Program Files\Java\jre6\bin\jucheck.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]

 

Themen zu Rootkit gefunden. Was tun?
.dll, antivir, appdata, avg, avgnt.exe, avira, c:\windows\system32\rundll32.exe, desktop, down, dwm.exe, explorer.exe, folge, google, helper, ics, internet, java, jucheck.exe, jusched.exe, local\temp, ntdll.dll, nvlddmkm.sys, programme, rootkit, rundll, rundll32.exe, scan, skype.exe, studio, system, system32, temp, trojaner, was tun, was tun?, wuauclt.exe


« Virus,Trojaner oder ähnliches im MSN | trojan in Content.IE5 ? »


Ähnliche Themen: Rootkit gefunden. Was tun?


  1. avast hat Rootkit gefunden
    Log-Analyse und Auswertung - 21.11.2013 (34)
  2. Rootkit gefunden.
    Log-Analyse und Auswertung - 21.05.2013 (11)
  3. Rootkit.gen gefunden/Rootkit-Befall - Bin ich im dran? Brauche dringend Beratung !!!
    Plagegeister aller Art und deren Bekämpfung - 25.05.2012 (3)
  4. TR/Rootkit.Gen gefunden
    Plagegeister aller Art und deren Bekämpfung - 28.05.2011 (13)
  5. GMER hat Rootkit gefunden!
    Plagegeister aller Art und deren Bekämpfung - 08.03.2010 (1)
  6. Rootkit mit Gmer gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.03.2010 (5)
  7. TR/ Rootkit.L gefunden
    Log-Analyse und Auswertung - 04.02.2010 (1)
  8. Rootkit gefunden!
    Plagegeister aller Art und deren Bekämpfung - 19.01.2010 (15)
  9. Rootkit gefunden
    Mülltonne - 21.08.2009 (2)
  10. Rootkit Agent ODG gefunden
    Plagegeister aller Art und deren Bekämpfung - 05.08.2009 (24)
  11. 'TR/Rootkit.Gen' [trojan] gefunden - HJT- Log
    Log-Analyse und Auswertung - 13.08.2008 (2)
  12. win32:Rootkit-gen [Rtk] gefunden
    Log-Analyse und Auswertung - 11.06.2008 (6)
  13. Rootkit gefunden - wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 21.04.2008 (5)
  14. Rootkit gefunden.
    Plagegeister aller Art und deren Bekämpfung - 31.12.2007 (0)
  15. Rootkit gefunden.
    Mülltonne - 31.12.2007 (0)
  16. Rootkit gefunden ?
    Plagegeister aller Art und deren Bekämpfung - 04.09.2007 (2)
  17. NAV hat ein Rootkit --> 33gt.0xe gefunden...
    Plagegeister aller Art und deren Bekämpfung - 18.03.2005 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Rootkit gefunden. Was tun? - Hallo, ich habe gerade schon einen PC in Arbeit, da hier ein Trojaner aufgetaucht ist. Habe deshalb mit diesem PC das Internet gar nicht mehr benutzt und mit einem anderen - Rootkit gefunden. Was tun?...
Archiv
Du betrachtest: Rootkit gefunden. Was tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19