Log Analysis and Evaluation: Windows Security Alert Trojan~ Windows 7

If you have picked up a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#10

Windows Security Alert Trojan~

GMER log part 2:

---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] [011F7376] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Program Files\Mozilla Firefox\firefox.exe[1232] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [011F73CC] C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 83B3E1E8
Device \FileSystem\fastfat \FatCdrom 8C665790
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
Device \Driver\volmgr \Device\VolMgrControl 844642E8
Device \Driver\usbuhci \Device\USBPDO-0 851C81E8
Device \Driver\usbuhci \Device\USBPDO-1 851C81E8
Device \Driver\usbuhci \Device\USBPDO-2 851C81E8
Device \Driver\usbuhci \Device\USBPDO-3 851C81E8
Device \Driver\usbehci \Device\USBPDO-4 851F6790
AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS
Device \Driver\volmgr \Device\HarddiskVolume1 844642E8
Device \Driver\volmgr \Device\HarddiskVolume2 844642E8
Device \Driver\cdrom \Device\CdRom0 851C51E8
Device \Driver\volmgr \Device\HarddiskVolume3 844642E8
Device \Driver\cdrom \Device\CdRom1 851C51E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 83B3D1E8
Device \Driver\atapi \Device\Ide\IdePort0 83B3D1E8
Device \Driver\atapi \Device\Ide\IdePort1 83B3D1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-2 83B3D1E8
Device \Driver\volmgr \Device\HarddiskVolume4 844642E8
Device \Driver\cdrom \Device\CdRom2 851C51E8
Device \Driver\netbt \Device\NetBt_Wins_Export 857B61E8
Device \Driver\netbt \Device\NetBT_Tcpip_{8DBE13DD-FD2D-4453-BDAC-94DE0402212D} 857B61E8
Device \Driver\netbt \Device\NetBT_Tcpip_{4F17471A-50E1-4168-B269-7E7B5B92FE98} 857B61E8
Device \Driver\USBSTOR \Device\00000079 85AE5790
Device \Driver\iScsiPrt \Device\RaidPort0 8520D1E8
AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS
Device \Driver\PCI_NTPNP0902 \Device\0000005d sptd.sys
AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS
Device \Driver\usbuhci \Device\USBFDO-0 851C81E8
Device \Driver\USBSTOR \Device\0000007a 85AE5790
Device \Driver\usbuhci \Device\USBFDO-1 851C81E8
Device \Driver\usbuhci \Device\USBFDO-2 851C81E8
Device \Driver\usbuhci \Device\USBFDO-3 851C81E8
Device \Driver\usbehci \Device\USBFDO-4 851F6790
Device \Driver\agdowhru \Device\Scsi\agdowhru1 851F7790
Device \Driver\agdowhru \Device\Scsi\agdowhru1Port3Path0Target0Lun0 851F7790
Device \Driver\agdowhru \Device\Scsi\agdowhru1Port3Path0Target1Lun0 851F7790
Device \FileSystem\fastfat \Fat 8C665790
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x55 0xC5 0xD3 0xAF ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFA 0xCC 0x93 0x62 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x79 0x15 0x99 0x09 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0xB0 0xC7 0x89 0x71 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x55 0xC5 0xD3 0xAF ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xFA 0xCC 0x93 0x62 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x9C 0x42 0x9B 0xCF ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x81 0x58 0x78 0xD5 ...

---- EOF - GMER 1.0.14 ----