Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
PC gesperrt - Online Cyber Police

PC gesperrt - Online Cyber Police


Log-Analyse und Auswertung: PC gesperrt - Online Cyber Police

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 14.09.2012, 20:41   #9
stormyx
 
PC gesperrt - Online Cyber Police - Standard

PC gesperrt - Online Cyber Police


Ich habe es zwar umgesetzt, jedoch fand ich keine Lösung dazu, wie ich von Norton die Anti-Spyware Version ausschalten kann. Die Meldung es auszuschalten bekam ich zweimal und dann fing Combo Fix an zu laufen.

Ich habe es nun einfach laufen lassen und dabei ist folgende Log entstanden.
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-09-14.03 - stormy 14.09.2012  21:30:40.1.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8191.5247 [GMT 2:00]
ausgeführt von:: c:\users\stormy\Downloads\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\imoqwjgatndpebe
D:\install.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . Nicht in der Lage zu löschen
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-08-14 bis 2012-09-14  ))))))))))))))))))))))))))))))
.
.
2012-09-14 19:33 . 2012-09-14 19:33	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-09-14 00:44 . 2011-07-13 02:55	2237440	----a-r-	C:\OTLPE.exe
2012-09-14 00:44 . 2012-09-14 00:44	--------	d-----w-	C:\_OTL
2012-09-13 20:44 . 2012-08-22 18:12	950128	----a-w-	c:\windows\system32\drivers\ndis.sys
2012-09-13 20:44 . 2012-08-02 17:58	574464	----a-w-	c:\windows\system32\d3d10level9.dll
2012-09-13 20:44 . 2012-08-02 16:57	490496	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2012-09-13 20:44 . 2012-07-04 20:26	41472	----a-w-	c:\windows\system32\drivers\RNDISMP.sys
2012-09-13 20:44 . 2012-08-22 18:12	1913200	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-09-13 20:44 . 2012-08-22 18:12	376688	----a-w-	c:\windows\system32\drivers\netio.sys
2012-09-13 20:44 . 2012-08-22 18:12	288624	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-13 19:44 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-09-13 19:44 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-09-02 02:01 . 2012-09-02 02:01	916456	----a-w-	c:\windows\system32\deployJava1.dll
2012-09-02 02:01 . 2012-09-02 02:01	289768	----a-w-	c:\windows\system32\javaws.exe
2012-09-02 02:01 . 2012-09-02 02:01	1034216	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-09-02 02:01 . 2012-09-02 02:01	189416	----a-w-	c:\windows\system32\javaw.exe
2012-09-02 02:01 . 2012-09-02 02:01	188904	----a-w-	c:\windows\system32\java.exe
2012-09-02 02:01 . 2012-09-02 02:01	108008	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-02 02:01 . 2012-09-02 02:01	--------	d-----w-	c:\program files\Java
2012-08-26 08:20 . 2012-08-29 17:14	--------	d-----w-	c:\programdata\Sony Ericsson
2012-08-26 08:20 . 2012-08-29 17:14	--------	d-----w-	c:\program files (x86)\Sony Ericsson
2012-08-23 02:43 . 2012-08-23 02:43	--------	d-----w-	c:\windows\Sun
2012-08-23 02:42 . 2012-06-29 03:37	1472360	----a-w-	c:\windows\system32\nvdispgenco64.dll
2012-08-23 02:42 . 2012-05-21 13:10	31080	----a-w-	c:\windows\system32\nvhdap64.dll
2012-08-23 02:42 . 2012-05-21 13:10	188776	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2012-08-23 02:42 . 2012-05-21 07:34	1468264	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2012-08-22 07:39 . 2012-08-22 07:39	--------	d-----w-	c:\users\stormy\AppData\Local\fontconfig
2012-08-22 07:39 . 2012-08-22 07:39	--------	d-----w-	c:\users\stormy\AppData\Local\gegl-0.2
2012-08-22 07:38 . 2012-08-22 07:38	--------	d-----w-	c:\users\stormy\temp
2012-08-22 07:37 . 2012-08-22 09:23	--------	d-----w-	c:\users\stormy\.gimp-2.8
2012-08-22 07:36 . 2012-08-22 07:36	--------	d-----w-	c:\program files\GIMP 2
2012-08-22 07:35 . 2012-08-22 07:35	--------	d-----w-	c:\users\stormy\AppData\Local\Secunia PSI
2012-08-22 07:34 . 2012-08-22 07:34	--------	d-----w-	c:\program files (x86)\Secunia
2012-08-21 14:10 . 2012-08-21 19:13	--------	d-----w-	c:\windows\system32\drivers\N360x64\0603000.00E
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-14 18:30 . 2012-04-06 22:41	283304	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-09-14 18:30 . 2012-02-14 22:41	283304	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-09-14 17:56 . 2012-02-14 22:41	283304	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-09-13 19:45 . 2012-01-07 04:10	64462936	----a-w-	c:\windows\system32\MRT.exe
2012-08-22 14:01 . 2012-04-01 10:50	696520	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-22 14:01 . 2012-01-06 23:34	73416	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-09 20:49 . 2012-02-14 22:41	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2012-07-03 14:41 . 2012-01-07 00:18	168864	----a-w-	c:\program files\Common Files\WireHelpSvc.exe
2012-07-03 14:41 . 2012-01-07 00:18	147472	----a-w-	c:\windows\system32\drivers\ESLWireACD.sys
2012-06-29 03:37 . 2012-05-05 20:35	969064	----a-w-	c:\windows\system32\nvumdshimx.dll
2012-06-29 03:37 . 2012-05-05 20:35	828264	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2012-06-29 03:37 . 2012-05-05 20:35	247144	----a-w-	c:\windows\system32\nvinitx.dll
2012-06-29 03:37 . 2012-05-05 20:35	202600	----a-w-	c:\windows\SysWow64\nvinit.dll
2012-06-29 03:37 . 2012-01-06 23:38	9164648	----a-w-	c:\windows\system32\nvcuda.dll
2012-06-29 03:37 . 2012-01-06 23:38	7699304	----a-w-	c:\windows\SysWow64\nvcuda.dll
2012-06-29 03:37 . 2012-01-06 23:38	2744680	----a-w-	c:\windows\system32\nvcuvid.dll
2012-06-29 03:37 . 2012-01-06 23:38	2723688	----a-w-	c:\windows\system32\nvapi64.dll
2012-06-29 03:37 . 2012-01-06 23:38	26226536	----a-w-	c:\windows\system32\nvoglv64.dll
2012-06-29 03:37 . 2012-01-06 23:38	2573160	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2012-06-29 03:37 . 2012-01-06 23:38	25256296	----a-w-	c:\windows\system32\nvcompiler.dll
2012-06-29 03:37 . 2012-01-06 23:38	2422120	----a-w-	c:\windows\SysWow64\nvapi.dll
2012-06-29 03:37 . 2012-01-06 23:38	2216296	----a-w-	c:\windows\system32\nvcuvenc.dll
2012-06-29 03:37 . 2012-01-06 23:38	19828072	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2012-06-29 03:37 . 2012-01-06 23:38	1865064	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2012-06-29 03:37 . 2012-01-06 23:38	18228072	----a-w-	c:\windows\system32\nvd3dumx.dll
2012-06-29 03:37 . 2012-01-06 23:38	1758056	----a-w-	c:\windows\system32\nvdispco64.dll
2012-06-29 03:37 . 2012-01-06 23:38	17559912	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2012-06-29 03:37 . 2012-01-06 23:38	15290216	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2012-06-29 03:37 . 2012-01-06 23:38	14806376	----a-w-	c:\windows\system32\nvwgf2umx.dll
2012-06-29 03:37 . 2012-01-06 23:38	13365608	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2012-06-29 03:37 . 2012-01-06 23:38	12388712	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2012-06-28 15:44 . 2012-06-28 15:44	428904	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2012-06-25 18:56 . 2012-06-25 18:56	175736	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-06-25 14:30 . 2012-06-25 14:30	1394248	----a-w-	c:\windows\SysWow64\msxml4.dll
2012-01-07 03:27 . 2012-01-07 03:27	13844000	----a-w-	c:\program files (x86)\Common Files\lpuninstall.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\spiele\steam.exe" [2012-08-04 1353080]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2012-09-07 3341464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="c:\program files (x86)\ASUS\EPU\EPU.exe" [2010-06-14 5309056]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
"QFan Help"="c:\program files\ASUS\Ai Suite\QFan4\FanHelp.exe" [2010-03-25 888960]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-07-07 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-7-25 572000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-06-29 1258856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-22 250568]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-05-17 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-05-17 79360]
R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2012-05-17 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-11-25 230488]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-11-25 1494104]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-11-25 95320]
R3 DRHARD;DRHARD;c:\windows\system32\DRIVERS\DRHARD.SYS [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [2011-11-28 25528]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 136176]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys [2011-04-11 410184]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys [2011-04-11 341832]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-07-16 327320]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-07-16 6379160]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
R3 PS3 Media Server;PS3 Media Server;c:\program files (x86)\PS3 Media Server\win32\service\wrapper.exe [2010-01-12 217088]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-09-02 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-09-02 13280]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2010-01-14 29472]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [2010-01-14 29472]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS [2011-08-15 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS [2012-05-22 1129120]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120905.001\BHDrvx64.sys [2012-08-31 1385120]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120913.001\IDSvia64.sys [2012-09-01 513184]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS [2011-11-16 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS [2011-11-16 405624]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-12-15 122880]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [2010-06-24 109056]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys [2011-11-03 21984]
S2 DRHMSR64;DRHMSR64;c:\windows\system32\drivers\DRHMSR64.sys [2011-12-06 14760]
S2 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys [2012-07-03 147472]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-09-15 191000]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe [2012-06-16 138272]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2010-01-14 32544]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-07-25 1326176]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-07-25 681056]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-06-28 382312]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S2 WireHelpSvc;WireHelpSvc;c:\program files\Common Files\WireHelpSvc.exe [2012-07-03 168864]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-11-25 230488]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-11-25 1494104]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-11-25 95320]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-09 138912]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [2010-11-25 1678936]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-09-15 30232]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-05-21 188776]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 11:11	451872	----a-w-	c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 14:01]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 15:54]
.
2012-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07 15:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-12-07 5889816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\stormy\AppData\Roaming\Mozilla\Firefox\Profiles\ibb064jj.default\
FF - prefs.js: browser.search.selectedEngine - Amazon.de
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-aryvxrsdvjpryez - c:\programdata\aryvxrsd.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.3.0.14\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4160889848-1908168351-1434063621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4160889848-1908168351-1434063621-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files\ASUS\TurboV EVO\TurboVHELP.exe
c:\program files\ASUS\GPU Boost Driver\GpuBoostServer.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-14  21:36:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-09-14 19:36
.
Vor Suchlauf: 9 Verzeichnis(se), 19.046.244.352 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 18.861.506.560 Bytes frei
.
- - End Of File - - A21DCAB2BDB1B8945C8E438999A2BAAE
--- --- ---
 

Themen zu PC gesperrt - Online Cyber Police
arten, automatische, automatischen, automatischen informationskontrolle, bildschirm, computer, cyber, daten, direkt, erhalte, firefox, forum, funktionier, gesperrt, google, hochgefahren, meldung, online, plagegeister aller art und deren bekämpfung, police, rechner, schlau, sekunden, starte, starten, system, versucht


« Bot entdeckt | Google Redirect Virus »


Ähnliche Themen: PC gesperrt - Online Cyber Police


  1. Weitere Cyber-Angriffe auf Online-Auftritte belgischer Zeitungen
    Nachrichten - 14.04.2015 (0)
  2. Online Banking gesperrt - Schadsoftware
    Log-Analyse und Auswertung - 30.05.2013 (16)
  3. online-Police-trojaner
    Plagegeister aller Art und deren Bekämpfung - 30.11.2012 (5)
  4. Online cyber police trojaner!
    Log-Analyse und Auswertung - 21.11.2012 (4)
  5. Polizeitrojaner Deutschland entfernen (Cyber-police-online)
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (1)
  6. Trojaner info@online-cyber-police.com
    Log-Analyse und Auswertung - 05.10.2012 (1)
  7. Computer von "info@online-cyber-polizei" gesperrt
    Plagegeister aller Art und deren Bekämpfung - 26.09.2012 (2)
  8. Online Cyber Police Trojaner Austria
    Log-Analyse und Auswertung - 19.09.2012 (1)
  9. Trojaner-Online Banking gesperrt
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (1)
  10. Computer von "info@online-cyber-polizei" gesperrt
    Plagegeister aller Art und deren Bekämpfung - 28.08.2012 (15)
  11. police cyber crime investigation department
    Plagegeister aller Art und deren Bekämpfung - 26.08.2012 (13)
  12. online cyber police trojaner soweit entfernt.
    Log-Analyse und Auswertung - 19.08.2012 (14)
  13. Gozi online Banking gesperrt
    Plagegeister aller Art und deren Bekämpfung - 07.02.2011 (24)
  14. Online Banking gesperrt und Rechnerabsturz
    Log-Analyse und Auswertung - 15.11.2010 (3)
  15. Online-banking gesperrt
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (1)
  16. Online Banking gesperrt...
    Log-Analyse und Auswertung - 07.07.2010 (1)
  17. online-banking gesperrt
    Plagegeister aller Art und deren Bekämpfung - 07.03.2010 (28)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PC gesperrt - Online Cyber Police - Ich habe es zwar umgesetzt, jedoch fand ich keine Lösung dazu, wie ich von Norton die Anti-Spyware Version ausschalten kann. Die Meldung es auszuschalten bekam ich zweimal und dann fing - PC gesperrt - Online Cyber Police...
Archiv
Du betrachtest: PC gesperrt - Online Cyber Police auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132