CCleaner log and GMER log, part 1
Installed programs (CCleaner):
Code:
7-Zip 4.57
AC3Filter (remove only)
ACDSee 4.0
ACDSee 4.0 Service Release 1
Acronis True Image Home
Adobe Acrobat 7.0 Professional
Adobe Download Manager
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 6.0
Adobe SVG Viewer 3.0
Advanced MP3 Catalog Pro 3.03
AGFEO TK-Suite Basic 3
AnyDVD
ATI - Dienstprogramm zur Deinstallation der Software
ATI AVIVO Codecs
ATI Catalyst Control Center
ATI Display Driver
Autostart ok-s 2.0
Avira AntiVir Personal - Free Antivirus
AviSynth 2.5
AVRStudio4
Beck @CHIPTOOL V5.10.0.1
Beck Postmake 2 (Version 2.3.0.1)
Biet-O-Matic v2.6.2
BitTorrent
BJ Network Tool
Bluesoleil2.7.0.13 VoIP Release 071227
Borland Delphi 7
BT747 Desktop
CamStudio
Canon PIXMA iP4000R
Canon Utilities Easy-PhotoPrint
Canon Utilities EOS Utility
Catalyst Control Center - Branding
CCleaner (remove only)
CoDeSys for Automation Alliance
DataLogV2.5
DATAstreet Hessen 2000
Destinator Console
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
DNA
Dr. Hardware 2009 9.9.0d
DVBViewer Pro
DVBViewer Recording Service
DVBViewer TE
eDrawings 2008
EventGhost 0.3.7.r1194
EveryWAN Remote Support Personal Edition
Exact Audio Copy 0.99pb4
FileZilla Server (remove only)
FreeOTFE
FreePDF XP (Remove only)
Freez Screen Video Capture v1.2
Garmin City Navigator Europe NT v9
Garmin Communicator Plugin
Garmin MapSource
Garmin WebUpdater
Generic color icon driver
GnuWin32: Wget-1.11.4-1
Google Earth
Google Earth Plug-in
Google Updater
GPL Ghostscript 8.62
GPL Ghostscript Fonts
GPS-Track-Analyse.NET
GX::Transcoder v5.0
Hama USB Mass Storage Device
Hex Wizard 1.22
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
HP Imaging Device Functions 9.0
HP Photosmart Essential 2.01
HP Photosmart Kameras 9.0
HP Scanjet 3800 series 7.0
HP Solution Center 9.0
HP Update
HP USB Disk Storage Format Tool
Indeo® Software
Java(TM) 6 Update 11
JMB36X Raid Configurer
Logitech iTouch Software
Logitech QuickCam-Software
Logitech® Camera-Treiber
LogMeIn
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 German Language Pack
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2000 SR-1 Premium
Microsoft SQL Server Desktop Engine (PINNACLESYS)
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.3)
Mozilla Sunbird (0.9)
Mozilla Thunderbird (2.0.0.23)
MP3-Tag-Editor
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser
Nero 8
nLite 1.4.9.1
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
O&O Defrag Professional Edition
OCR Software by I.R.I.S 7.0
ODBC
OSMtracker 0.6.1
Paint Shop Pro 7
Paradigm C++ Beck IPC Edition
PC Connectivity Solution
Pinnacle Hollywood FX for Studio
Pinnacle MediaServer
Pinnacle ShowCenter
PowerDVD Ultra
Process Tamer 2.11.01
RAIDar 4.1.4
Realtek High Definition Audio Driver
RedMon - Redirection Port Monitor
RMVB Converter 1.8
Security Update for Windows Search 4 - KB963093
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Slotman
Sonic CinePlayer DVD Pack
Spb Backup
Spb Backup 2.0
Studio 9
Sun xVM VirtualBox
SUPER © Version 2008.bld.32 (July 8, 2008)
Target 3001! V14 discover
TechniSat DVB-PC TV Star
Tera Term Pro
TightVNC 1.3.9
Top50 Viewer
Total Commander (Remove or Repair)
Tux Paint 0.9.19
Tweak UI
Unlocker 1.8.7
VAD Laplace Webcam
VirtualCloneDrive
VLC media player 1.0.0
VMware Workstation
Winamp
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
Windows-Treiberpaket - Nokia Modem (05/22/2008 3.8)
Windows-Treiberpaket - Nokia Modem (05/22/2008 7.00.0.1)
Windows-Treiberpaket - Nokia Modem (10/27/2008 3.9)
Windows-Treiberpaket - Nokia Modem (10/27/2008 7.01.0.1)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
WinPcap 4.0.2
WinRAR
WinZip
Wireshark 1.0.0
WsWin V2.93.13 - 2007-04-22
X10 Hardware(TM)
XNavigator
ZOC Terminal 5.1
GMER - part 1:
Code:
GMER 1.0.15.15125 - http://www.gmer.net
Rootkit scan 2009-10-07 16:13:15
Windows 5.1.2600 Service Pack 3
Running: tq197v08.exe; Driver: C:\DOKUME~1\detlef\LOKALE~1\Temp\fxtdapow.sys
---- System - GMER 1.0.15 ----
SSDT F7A63CC6 ZwCreateKey
SSDT F7A63CBC ZwCreateThread
SSDT F7A63CCB ZwDeleteKey
SSDT F7A63CD5 ZwDeleteValueKey
SSDT F7A63CDA ZwLoadKey
SSDT F7A63CA8 ZwOpenProcess
SSDT F7A63CAD ZwOpenThread
SSDT F7A63CE4 ZwReplaceKey
SSDT F7A63CDF ZwRestoreKey
SSDT F7A63CD0 ZwSetValueKey
SSDT F7A63CB7 ZwTerminateProcess
INT 0x01 \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) B962D59A
INT 0x03 \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) B962D655
INT 0x06 \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) A9E1616D
INT 0x0E \??\C:\WINDOWS\system32\drivers\Haspnt.sys (HASP Kernel Device Driver for Windows NT/Aladdin Knowledge Systems) A9E15FC2
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!InternetReadFile 408C654B 5 Bytes JMP 13159E5C
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!InternetCloseHandle 408C9088 5 Bytes JMP 1315A05C
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!InternetQueryDataAvailable 408CBF83 5 Bytes JMP 13159C7C
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!HttpOpenRequestA 408CD508 5 Bytes JMP 13158964
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!InternetConnectA 408CDEAE 5 Bytes JMP 1315880C
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!HttpSendRequestW 408CFABE 5 Bytes JMP 13159688
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!InternetOpenA 408DD688 5 Bytes JMP 131587C0
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!HttpSendRequestA 408DEE81 5 Bytes JMP 13159288
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!InternetReadFileExW 408E3341 5 Bytes JMP 1315A00C
.text C:\WINDOWS\Explorer.EXE[2696] WININET.dll!InternetReadFileExA 408E3379 5 Bytes JMP 13159FBC
.text C:\WINDOWS\system32\SearchIndexer.exe[3556] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!InternetReadFile 408C654B 5 Bytes JMP 13159E5C
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!InternetCloseHandle 408C9088 5 Bytes JMP 1315A05C
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!InternetQueryDataAvailable 408CBF83 5 Bytes JMP 13159C7C
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!HttpOpenRequestA 408CD508 5 Bytes JMP 13158964
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!InternetConnectA 408CDEAE 5 Bytes JMP 1315880C
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!HttpSendRequestW 408CFABE 5 Bytes JMP 13159688
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!InternetOpenA 408DD688 5 Bytes JMP 131587C0
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!HttpSendRequestA 408DEE81 5 Bytes JMP 13159288
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!InternetReadFileExW 408E3341 5 Bytes JMP 1315A00C
.text C:\Programme\Mozilla Firefox\firefox.exe[3964] wininet.dll!InternetReadFileExA 408E3379 5 Bytes JMP 13159FBC
.text C:\Programme\VirtualDub\VirtualDub.exe[4676] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text c:\programme\virtualdub\VirtualDub.exe[5920] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\ADVAPI32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\ADVAPI32.dll
[KERNEL32.dll!LoadLibraryA] [019E7376] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\RPCRT4.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\Secur32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\WS2_32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\msvcrt.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\WS2HELP.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\GDI32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\USER32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\SHELL32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\SHLWAPI.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\ole32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\iphlpapi.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\iphlpapi.dll
[KERNEL32.dll!LoadLibraryA] [019E7376] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\USERENV.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\NETAPI32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\NETAPI32.dll
[KERNEL32.dll!LoadLibraryA] [019E7376] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\System32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA]
[019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback
Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\System32\CRYPT32.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\WININET.dll
[KERNEL32.dll!SetUnhandledExceptionFilter] [019E73CC] C:\Programme\Mozilla
Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)
IAT C:\Programme\Mozilla Thunderbird\thunderbird.exe[5060] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [019E7376] C:\Programme\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\FULLSOFT.DLL (Talkback Library/Full Circle Software, Inc.)

That's it.
Detlef