Trojaner-Board

dor Schuppen 22.02.2008 17:48

Big problem
 
So,
we have the following problem with Windows XP:
It started with Norton Antivirus, which I suddenly could no longer open ("... ist keine gültige win32 Anwendung", i.e. "... is not a valid Win32 application"). So I tried to download all kinds of antivirus programs (Antivir, Spybot, ...), but with those I only got the same error message... Then I thought I would post a log file, but HijackThis no longer works either (same message)!
All programs ran fine before. Can you help me? I also can't rescue my data if I have to format, because my MP3 player is no longer accepted either. That is, the external hard disk is no longer shown as a hard disk but as drive L:, and when I try to open it, the PC insists on formatting it.
Hopefully someone finds a solution.

KarlKarl 22.02.2008 17:54

Hi,

let's confirm the suspicion first ;)

Run a Blacklight scan
  • Download F-Secure Blacklight into a new folder C:\programme\blacklight.
  • In this folder, start fsbl.exe and close all other programs.
  • Click "I accept the agreement", "next", "Scan".
  • When the scan has finished, choose "Close".
  • The report is fsbl-XXX.log in the Blacklight directory; in place of the XXX there are digits that contain the date and time. Please post the contents of this file.

Regards, Karl

dor Schuppen 22.02.2008 19:22

Hello,
thanks for the quick reply, Karl, here is the file right away:

02/22/08 19:09:35 [Info]: BlackLight Engine 1.0.67 initialized
02/22/08 19:09:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/22/08 19:09:35 [Note]: 7019 4
02/22/08 19:09:35 [Note]: 7005 0
02/22/08 19:09:45 [Note]: 7006 0
02/22/08 19:09:45 [Note]: 7011 616
02/22/08 19:09:51 [Note]: 7026 0
02/22/08 19:09:57 [Note]: 7026 0
02/22/08 19:09:57 [Note]: 7024 3
02/22/08 19:09:57 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hldrrr.exe
02/22/08 19:09:57 [Note]: 7024 3
02/22/08 19:09:57 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hldrrr.exe
02/22/08 19:10:05 [Note]: FSRAW library version 1.7.1024
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\WT9_1LDEN.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\W9_1DE.HLP
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\W9_1EN.HLP
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\W9_1gede.cnt
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\W9_1GEDE.HLP
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\w9_1geuk.cnt
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\W9_1GEUK.HLP
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\w9_1geus.cnt
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\W9_1GEUS.HLP
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1cbe.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1cbede.cbt
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1cbeEN.CBD
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1cbekd.cbt
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1ce.icr
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1ce.sav
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1de.adv
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1de.hyd
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1de.icr
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1de.mor
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1de.rul
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1de.sav
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1de.ths
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1en.hwl
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1EN.mor
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1kd.adv
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1kd.hyd
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1kd.mor
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1kd.rul
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\WT9_1LDDE.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\WT9_1LDXX.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\WT9_1LI.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1nd.mor
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1nd.sav
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1oz.icr
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1oz.sav
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1sptlDE.exe
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1sptlEN.exe
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\WT9_1SPTLEN.HLP
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\WT9_1SPTP.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\WT9_1SPWP.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1uiDE.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1uien.dll
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1uk.adv
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1uk.icr
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1uk.rul
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1uk.sav
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\Wt9_1uk.ths
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1us.adv
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1us.icr
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1us.rul
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1us.sav
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Info]: Hidden file: c:\Programme\Gemeinsame Dateien\Corel\Shared\Writing Tools\9.1\wt9_1us.ths
02/22/08 19:11:11 [Note]: 10002 3
02/22/08 19:11:11 [Note]: 10002 2
02/22/08 19:11:11 [Note]: 10002 2
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 3
02/22/08 19:11:14 [Note]: 10002 2
02/22/08 19:11:14 [Note]: 10002 2
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\Empty.txt
02/22/08 19:13:54 [Note]: 10002 3
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\Filters.xml
02/22/08 19:13:54 [Note]: 10002 3
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\news.png
02/22/08 19:13:54 [Note]: 10002 3
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\paint.png
02/22/08 19:13:54 [Note]: 10002 3
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\Profiles\Blank.txt
02/22/08 19:13:54 [Note]: 10002 3
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\Sample1.jpg
02/22/08 19:13:54 [Note]: 10002 3
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\Sample2.jpg
02/22/08 19:13:54 [Note]: 10002 3
02/22/08 19:13:54 [Note]: 10002 2
02/22/08 19:13:54 [Note]: 10002 2
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\imepaden.hlp
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\imepadsm.dll
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\imepadsv.exe
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\imlang.dll
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\res\PADRS404.DLL
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\res\padrs411.dll
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\res\padrs412.dll
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Info]: Hidden file: c:\WINDOWS\ime\shared\res\padrs804.dll
02/22/08 19:18:41 [Note]: 10002 3
02/22/08 19:18:41 [Note]: 10002 2
02/22/08 19:18:41 [Note]: 10002 2
02/22/08 19:19:10 [Note]: 10002 2
02/22/08 19:19:10 [Note]: 10002 2
02/22/08 19:19:10 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hldrrr.exe
02/22/08 19:19:10 [Note]: 10002 2
02/22/08 19:19:10 [Info]: Hidden file: c:\WINDOWS\system32\drivers\srosa.sys
02/22/08 19:19:10 [Note]: 10002 2
02/22/08 19:19:57 [Note]: 2000 1012
02/22/08 19:20:11 [Note]: 7007 0

cosinus 22.02.2008 19:33

02/22/08 19:19:10 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hldrrr.exe
02/22/08 19:19:10 [Note]: 10002 2
02/22/08 19:19:10 [Info]: Hidden file: c:\WINDOWS\system32\drivers\srosa.sys


Yep, you have rootkits/backdoors in the system. You have to reinstall it; there is no way around that if you want to get rid of the crap.
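
The by-eye triage of the posted log, as an added example that is not part of the thread and is not F-Secure code: it extracts the `Hidden process` / `Hidden file` entries, deduplicates them case-insensitively, and ranks them. The ranking rule (a hidden running process, or a hidden .exe/.sys directly in system32\drivers) is an assumption of this example; the numeric `[Note]` codes are skipped because the thread does not explain them.

```python
import re
from collections import Counter
from ntpath import dirname, normcase

# Excerpt of the fsbl log posted in the thread (lines copied verbatim).
SAMPLE_LOG = r"""02/22/08 19:09:57 [Note]: 7024 3
02/22/08 19:09:57 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hldrrr.exe
02/22/08 19:09:57 [Info]: Hidden process: C:\WINDOWS\system32\drivers\hldrrr.exe
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\Empty.txt
02/22/08 19:13:54 [Info]: Hidden file: c:\Programme\Movie Maker\Shared\Filters.xml
02/22/08 19:19:10 [Info]: Hidden file: C:\WINDOWS\system32\drivers\hldrrr.exe
02/22/08 19:19:10 [Note]: 10002 2
02/22/08 19:19:10 [Info]: Hidden file: c:\WINDOWS\system32\drivers\srosa.sys
"""

ENTRY = re.compile(r"^\d\d/\d\d/\d\d \d\d:\d\d:\d\d \[Info\]: Hidden (process|file): (.+?)\s*$")
DRIVERS_DIR = normcase(r"c:\windows\system32\drivers")

def parse_hidden(log_text):
    """Return {'process': set, 'file': set} of case-normalised hidden paths."""
    found = {"process": set(), "file": set()}
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if m:
            found[m.group(1)].add(normcase(m.group(2)))
    return found

def triage(log_text):
    """Rank entries (rule is this example's assumption); count the rest per directory."""
    found = parse_hidden(log_text)
    priority, rest = [], Counter()
    for path in sorted(found["process"] | found["file"]):
        reasons = []
        if path in found["process"]:
            reasons.append("hidden running process")
        if dirname(path) == DRIVERS_DIR and path.endswith((".exe", ".sys")):
            reasons.append("hidden executable in drivers directory")
        if reasons:
            priority.append((path, reasons))
        else:
            rest[dirname(path)] += 1
    return priority, dict(rest)

if __name__ == "__main__":
    priority, rest = triage(SAMPLE_LOG)
    for path, reasons in priority:
        print("REVIEW FIRST:", path, "-", "; ".join(reasons))
    for folder, count in rest.items():
        print(f"{count:3d} hidden file(s) in {folder}")
```

Run against a full fsbl-XXX.log, the per-directory counts collapse long runs of hidden files into one line each, so the few ranked entries stand out.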

dor Schuppen 27.02.2008 11:38

So, reinstalled everything, and everything seems to be running quite well...
Many thanks


All times are in WET +1.
