Ich bräuchte schnell Hilfe bei der Auswertung dieses GMER Logfiles.
Ich hoffe mir kann jemand weiterhelfen. Vielen Dank schon im voraus!!!!

Zitat:

Zitat von Werft

GMER Rootkit Scan

Code: Alles auswählenAufklappen

ATTFilter

GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-05-18 01:36:30
Windows 5.1.2600 Service Pack 3
Running: xuzoky63.exe; Driver: C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\kfayaaog.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwClose [0xA9CA86B8]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwCreateKey [0xA9CA8574]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwDeleteValueKey [0xA9CA8A52]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwDuplicateObject [0xA9CA814C]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwOpenKey [0xA9CA864E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwOpenProcess [0xA9CA808C]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwOpenThread [0xA9CA80F0]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwQueryValueKey [0xA9CA876E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwRestoreKey [0xA9CA872E]
SSDT            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)                         ZwSetValueKey [0xA9CA88AE]

---- Kernel code sections - GMER 1.0.15 ----

init            C:\WINDOWS\system32\drivers\o2mmb.sys                                                                         entry point in "init" section [0xF71B2320]
.text           C:\WINDOWS\system32\drivers\ACEDRV07.sys                                                                      section is writeable [0xA9B0F000, 0x328BA, 0xE8000020]
.pklstb         C:\WINDOWS\system32\drivers\ACEDRV07.sys                                                                      entry point in ".pklstb" section [0xA9B53000]
.relo2          C:\WINDOWS\system32\drivers\ACEDRV07.sys                                                                      unknown last section [0xA9B6F000, 0x8E, 0x42000040]
?               C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\kfayaaod.sys                                                               Das System kann die angegebene Datei nicht finden. !

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\WINDOWS\Explorer.EXE[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [02452F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\Explorer.EXE[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]             [02452C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\Explorer.EXE[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose]                           [02452CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\Explorer.EXE[284] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                 [02452CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\WINDOWS\system32\services.exe[912] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW]  00380002
IAT             C:\WINDOWS\system32\services.exe[912] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW]        00380000

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                        aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                      aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass0                                                                       SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice  \Driver\Kbdclass \Device\KeyboardClass1                                                                       SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                     aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                     aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                   aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SOFTWARE\Classes\CLSID\{1454a5b7-3445-436f-b097-67e478c49c4e}@Model                                      71
Reg             HKLM\SOFTWARE\Classes\CLSID\{1454a5b7-3445-436f-b097-67e478c49c4e}@Therad                                     32
Reg             HKLM\SOFTWARE\Classes\CLSID\{1454a5b7-3445-436f-b097-67e478c49c4e}@MData                                      0x2B 0x8F 0x78 0x29 ...
Reg             HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk                                     0xCF 0x3C 0x2E 0x37 ...

---- EOF - GMER 1.0.15 ----
         

http://www.trojaner-board.de/86164-sdra64-exe.html
Da gehts weiter....ein Beitrag pro Problem bitte.