Log analysis and evaluation: Attention! For security reasons your Windows system has been blocked ("Achtung! Aus Sicherheitsgründen wurde ihr Windowssystem blockiert")

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Hello everyone,

I have the following problem: When I was on the Internet earlier, the error message mentioned above suddenly opened, along with a demand to pay €50. The image took up the whole screen and the laptop no longer responded to anything (not to mouse clicks, not to Escape, and the Task Manager could no longer be opened). I then shut the laptop down by holding the power button for a long time.

A few months ago I had a similar problem once before. Back then Google (from my flatmate's PC) helped me quite well, because I found instructions on how to look for the problem in safe mode and then delete it. After that everything worked again. This time, however, I unfortunately couldn't make sense of what Google turned up...

I then started my laptop up again, setting the "Internet switch" on the side of the laptop to "off" while doing so, and let Avira run a scan. Avira did find something: EXP/CVE-2011-3544, which I then deleted. But since that means nothing at all to me, and I have no idea whether that fixes it or not, I don't quite dare yet to turn the Internet back on and use the laptop properly.

So I downloaded all your great programs (again from my flatmate's laptop), put them on my laptop with my USB stick, and ran them there. This is what they then spat out:

None of this means anything to me... and it would be really kind if you could take a look over it to see whether things are OK now or not. As long as I'm not connected to the Internet, everything works so far; I just don't dare to switch the connection back on because I'm afraid that maybe some data might get lost or something.

So, thanks in advance for your time,
Mira