| |
| |||||||
Log-Analyse und Auswertung: Probleme bei Logfile AnalyseWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.08.2008, 23:07
| #7 |
| |  Probleme bei Logfile Analyse Hier habe ich jetzt die Ergebnisse der 3 Programme: Backlight: 08/13/08 23:38:42 [Info]: BlackLight Engine 1.0.70 initialized 08/13/08 23:38:42 [Info]: OS: 5.1 build 2600 (Service Pack 2) 08/13/08 23:38:42 [Note]: 7019 4 08/13/08 23:38:42 [Note]: 7005 0 08/13/08 23:39:09 [Note]: 7006 0 08/13/08 23:39:09 [Note]: 7011 204 08/13/08 23:39:09 [Note]: 7035 0 08/13/08 23:39:09 [Note]: 7026 0 08/13/08 23:39:09 [Note]: 7026 0 08/13/08 23:39:17 [Note]: FSRAW library version 1.7.1024 08/13/08 23:43:01 [Note]: 2000 1012 08/13/08 23:47:02 [Note]: 7007 0 Navilog: Search Navipromo version 3.6.3 began on 13.08.2008 at 23:52:14,79 !!! Warning, this report may include legitimate files/programs !!! !!! Post this report on the forum you are being helped !!! !!! Don't continue with removal unless instructed by an authorized helper !!! Fix running from C:\Programme\navilog1 Actual User Account : "Andreas" Updated on 09.08.2008 at 18h00 by IL-MAFIOSO Microsoft Windows XP [Version 5.1.2600] Version Internet Explorer : 6.0.2900.2180 Filesystem type : NTFS Search done in normal mode *** Searching for installed Software *** *** Search folders in "C:\WINDOWS" *** *** Search folders in "C:\Programme" *** *** Search folders in "C:\Dokumente und Einstellungen\All Users.WINDOWS\startm~1\progra~1" *** *** Search folders in "C:\Dokumente und Einstellungen\All Users.WINDOWS\startm~1" *** *** Search folders in "c:\dokume~1\alluse~1.win\anwend~1" *** *** Search folders in "C:\Dokumente und Einstellungen\Andreas.D**N-78E44FB848\anwend~1" *** *** Search folders in "C:\DOKUME~1\ADMINI~1.DEN\anwend~1" *** *** Search folders in "C:\DOKUME~1\FAMILI~1.DEN\anwend~1" *** *** Search folders in "C:\DOKUME~1\freenet\anwend~1" *** *** Search folders in "C:\DOKUME~1\GAST~1.DEN\anwend~1" *** *** Search folders in "C:\DOKUME~1\TEMP\anwend~1" *** *** Search folders in "C:\Dokumente und Einstellungen\Andreas.D**N-78E44FB848\lokale~1\anwend~1" *** *** Search folders in "C:\DOKUME~1\ADMINI~1.DEN\lokale~1\anwend~1" *** *** Search folders in "C:\DOKUME~1\FAMILI~1.DEN\lokale~1\anwend~1" *** *** Search folders in "C:\DOKUME~1\freenet\lokale~1\anwend~1" *** *** Search folders in "C:\DOKUME~1\GAST~1.DEN\lokale~1\anwend~1" *** *** Search folders in "C:\DOKUME~1\TEMP\lokale~1\anwend~1" *** *** Search folders in "C:\Dokumente und Einstellungen\Andreas.D**N-78E44FB848\startm~1\progra~1" *** *** Search folders in "C:\DOKUME~1\ADMINI~1.DEN\startm~1\progra~1" *** *** Search folders in "C:\DOKUME~1\FAMILI~1.DEN\startm~1\progra~1" *** *** Search folders in "C:\DOKUME~1\freenet\startm~1\progra~1" *** *** Search folders in "C:\DOKUME~1\GAST~1.DEN\startm~1\progra~1" *** *** Search with Catchme-rootkit/stealth malware detector by gmer *** for more info : http://www.gmer.net *** Search with GenericNaviSearch *** !!! Possibility of legitimate files in the result !!! !!! Must always be checked before manually deleting !!! * Scan in "C:\WINDOWS\system32" * Suspicious Files : lkcitdl.exe found ! lkcitdl.exe found ! * Scan in "C:\Dokumente und Einstellungen\Andreas.D**N-78E44FB848\lokale~1\anwend~1" * * Scan in "C:\DOKUME~1\ADMINI~1.DEN\lokale~1\anwend~1" * * Scan in "C:\DOKUME~1\FAMILI~1.DEN\lokale~1\anwend~1" * * Scan in "C:\DOKUME~1\freenet\lokale~1\anwend~1" * * Scan in "C:\DOKUME~1\GAST~1.DEN\lokale~1\anwend~1" * * Scan in "C:\DOKUME~1\TEMP\lokale~1\anwend~1" * *** Search files *** *** Search specific Registry keys *** *** Complementary Search *** (Search specific files) 1)Search new Instant Access files : 2)Heuristic Search : * In "C:\WINDOWS\system32" : * In "C:\Dokumente und Einstellungen\Andreas.D**N-78E44FB848\lokale~1\anwend~1" : * In "C:\DOKUME~1\ADMINI~1.DEN\lokale~1\anwend~1" : * In "C:\DOKUME~1\FAMILI~1.DEN\lokale~1\anwend~1" : * In "C:\DOKUME~1\freenet\lokale~1\anwend~1" : * In "C:\DOKUME~1\GAST~1.DEN\lokale~1\anwend~1" : * In "C:\DOKUME~1\TEMP\lokale~1\anwend~1" : 3)Certificates Search : Egroup certificate not found ! Electronic-Group certificate not found ! Montorgueil certificate not found ! OOO-Favorit certificate not found ! Sunny-Day-Design-Ltd certificate not found ! 4)Search known files : *** Search completed on 14.08.2008 at 0:00:18,67 *** Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully kernel: MBR read successfully MBR rootkit code detected ! malicious code @ sector 0xac153e0 size 0x1a8 ! copy of MBR has been found in sector 62 ! MBR rootkit infection detected ! Use: "mbr.exe -f" to fix. |
| Themen zu Probleme bei Logfile Analyse |
| adobe, antivir, avira, bho, browser, citadel, dateien, desktop, einstellungen, explorer, helfen, hijack, hijackthis, hkus\s-1-5-18, ics, internet, internet explorer, konica minolta, logfile, messenger, micro, microsoft, national, office 2007, pagepro, senden, software, trojaner, trojaner board, windows, windows media player, windows xp |
Baum-Darstellung