Auch bei mir: "Achtung. Aus Sicherheitsgründen wurde ihr Windowssystem blockiert."

xVraccas · 18.03.2012, 14:49

Dieses Forum scheint ja viel Erfahrung mit diesem Virus zu haben.
Ich hab hier auch gelesen, dass die Lösungen für bei jedem Fall unterschiedlich sein können und desshalb hab ich einen neuen Thread aufgemacht. Der Virus trat ca. vor einer viertel Stunde das erste mal beim Surfen auf.

Mein System wäre Windows 7 64-bit
Im Moment bin ich mit dem betroffenen Laptop mit dem abgesicherten Modus mit Netzwerktreibern online. Dieser Modus funktioniert einwandfrei.

Was ich schon versucht habe ist folgendes:
Beim Start von Windows kann man ja F8 drücken. Dabei hab ich die erste Option ausgewählt (ich glaube, die hieß "Reparieren" oder so). Und dort "System Wiederherstellen" und von dem letzten Wiederherstellungspunkt (ein wichtiges Windows-Update) die Systemwiederherstellung gestartet. Meine geringen Vorkenntnisse in Richtung Systempartition ließen mich glauben das würde helfen. Hat es aber nicht.

Das in diesem Forum oft erwähnte OTL habe ich noch gar nicht heruntergeladen.

Was soll ich jetzt tun?

Ich bedanke mich jetzt schon für jede Art von Hilfe.

Schöne Grüße

xVraccas · 18.03.2012, 15:52

Hier die beiden .txts von Defogger.exe

DDS.txt :

Code:

ATTFilter

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 14.09.2011 20:42:41
System Uptime: 18.03.2012 15:38:25 (0 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | R710                       
Processor: Intel(R) Core(TM)2 Duo CPU     T6400  @ 2.00GHz | U2E1 | 1995/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 68 GiB total, 36,622 GiB free.
D: is FIXED (NTFS) - 196 GiB total, 57,511 GiB free.
E: is FIXED (NTFS) - 201 GiB total, 128,508 GiB free.
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&218DF6C0&0&1
Manufacturer: (Standard-USB-Hostcontroller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&218DF6C0&0&1
Service: 
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft-Adapter für Miniports virtueller WiFis
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&31B12072&0&01
Manufacturer: Microsoft
Name: Microsoft-Adapter für Miniports virtueller WiFis
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&31B12072&0&01
Service: vwifimp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Win32 Adapter V9 (Tunngle)
Device ID: ROOT\NET\0001
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Name: TAP-Win32 Adapter V9 (Tunngle)
PNP Device ID: ROOT\NET\0001
Service: tap0901t
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer: 
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP120: 06.03.2012 11:38:28 - Windows Update
RP121: 06.03.2012 23:39:49 - BlackBerry Device Manager wurde installiert.
RP122: 06.03.2012 23:51:53 - Installed BBSAK
RP123: 06.03.2012 23:56:30 - Installed BBSAK
RP124: 07.03.2012 21:20:07 - Installed BlackBerry Desktop Software.
RP125: 09.03.2012 16:08:56 - Windows Update
RP126: 13.03.2012 22:34:35 - Windows Update
RP127: 14.03.2012 13:19:58 - Windows Update
RP128: 16.03.2012 00:13:08 - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player ActiveX
Adobe Reader X (10.1.1) - Deutsch
AniFX 1.0
Apple Application Support
Apple Software Update
Assassin's Creed
Assassin's Creed Brotherhood
Assassin's Creed II
Assassin's Creed Revelations 1.02
Avira AntiVir Personal - Free Antivirus
Babylon toolbar on IE
BBSAK
BlackBerry Desktop Software 6.1
BlackBerry Device Manager 7.0
BlueJ
DAEMON Tools Toolbar
DealPly
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX-Setup
FIFA 11
Fifa 12 (c) Electronic Arts version 1
Flashtool
GIMP 2.6.7
Gordon's Gate Flash Driver 2.2.0.11
HTC BMP USB Driver
HTC Driver Installer
Iminent
IMinent Toolbar
iTag
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 29
Java(TM) SE Development Kit 6 Update 20
LogMeIn Hamachi
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 10.0.2 (x86 de)
Mozilla Thunderbird 10.0 (x86 de)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Need for Speed(TM) Hot Pursuit
NVIDIA PhysX
OpenOffice.org 3.3
QuickTime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Skype™ 5.5
Sony Ericsson PC Companion 2.01.231
Sony Ericsson Update Engine
TeamViewer 6
Thrustmaster Force Feedback Driver
Tunngle beta
Ubisoft Game Launcher
Unreal Tournament 3 (LG)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VC80CRTRedist - 8.0.50727.6195
VLC media player 1.1.11
Winamp
WinRAR
YouWave for Android
.
==== End Of File ===========================

und Attach.txt

Code:

ATTFilter

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 14.09.2011 20:42:41
System Uptime: 18.03.2012 15:38:25 (0 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | R710                       
Processor: Intel(R) Core(TM)2 Duo CPU     T6400  @ 2.00GHz | U2E1 | 1995/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 68 GiB total, 36,622 GiB free.
D: is FIXED (NTFS) - 196 GiB total, 57,511 GiB free.
E: is FIXED (NTFS) - 201 GiB total, 128,508 GiB free.
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&218DF6C0&0&1
Manufacturer: (Standard-USB-Hostcontroller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&218DF6C0&0&1
Service: 
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft-Adapter für Miniports virtueller WiFis
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&31B12072&0&01
Manufacturer: Microsoft
Name: Microsoft-Adapter für Miniports virtueller WiFis
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&31B12072&0&01
Service: vwifimp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: TAP-Win32 Adapter V9 (Tunngle)
Device ID: ROOT\NET\0001
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Name: TAP-Win32 Adapter V9 (Tunngle)
PNP Device ID: ROOT\NET\0001
Service: tap0901t
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer: 
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP120: 06.03.2012 11:38:28 - Windows Update
RP121: 06.03.2012 23:39:49 - BlackBerry Device Manager wurde installiert.
RP122: 06.03.2012 23:51:53 - Installed BBSAK
RP123: 06.03.2012 23:56:30 - Installed BBSAK
RP124: 07.03.2012 21:20:07 - Installed BlackBerry Desktop Software.
RP125: 09.03.2012 16:08:56 - Windows Update
RP126: 13.03.2012 22:34:35 - Windows Update
RP127: 14.03.2012 13:19:58 - Windows Update
RP128: 16.03.2012 00:13:08 - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player ActiveX
Adobe Reader X (10.1.1) - Deutsch
AniFX 1.0
Apple Application Support
Apple Software Update
Assassin's Creed
Assassin's Creed Brotherhood
Assassin's Creed II
Assassin's Creed Revelations 1.02
Avira AntiVir Personal - Free Antivirus
Babylon toolbar on IE
BBSAK
BlackBerry Desktop Software 6.1
BlackBerry Device Manager 7.0
BlueJ
DAEMON Tools Toolbar
DealPly
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX-Setup
FIFA 11
Fifa 12 (c) Electronic Arts version 1
Flashtool
GIMP 2.6.7
Gordon's Gate Flash Driver 2.2.0.11
HTC BMP USB Driver
HTC Driver Installer
Iminent
IMinent Toolbar
iTag
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 29
Java(TM) SE Development Kit 6 Update 20
LogMeIn Hamachi
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 10.0.2 (x86 de)
Mozilla Thunderbird 10.0 (x86 de)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Need for Speed(TM) Hot Pursuit
NVIDIA PhysX
OpenOffice.org 3.3
QuickTime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Skype™ 5.5
Sony Ericsson PC Companion 2.01.231
Sony Ericsson Update Engine
TeamViewer 6
Thrustmaster Force Feedback Driver
Tunngle beta
Ubisoft Game Launcher
Unreal Tournament 3 (LG)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VC80CRTRedist - 8.0.50727.6195
VLC media player 1.1.11
Winamp
WinRAR
YouWave for Android
.
==== End Of File ===========================

markusg · 18.03.2012, 20:02

im abgesicherten modus mit netzwerk unter dem betroffenen nutzer otl ausführen.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Auch bei mir: "Achtung. Aus Sicherheitsgründen wurde ihr Windowssystem blockiert."

Plagegeister aller Art und deren Bekämpfung: Auch bei mir: "Achtung. Aus Sicherheitsgründen wurde ihr Windowssystem blockiert."