Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben)

kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben)


Plagegeister aller Art und deren Bekämpfung: kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 07.04.2012, 16:39   #16
blauer_alex
 
kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben) - Standard

kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben)


[CODE].DDS Logfile:
Code:
ATTFilter
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 1.6.0_30
Run by *** at 17:33:54 on 2012-04-07
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3003.1837 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Program Files\Lenovo\LenovoSecuritySolution FP\upeksvr.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\Program Files\Lenovo\LenovoSecuritySolution FP\upeksrvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k WbioSvcGroup
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\FsUsbExService.Exe
C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\IgrsSvcs.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\LenovoSecuritySolution FP\psqltray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iSaver\iSaverCtrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Motorola\Bluetooth\audiosrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\sppsvc.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\DllHost.exe
\\?\C:\windows\system32\wbem\WMIADAP.EXE
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [IndicatorListener] rundll32.exe "c:\program files\motorola\bluetooth\mkil.dll",StartNotification
mRun: [BTMTrayAgent] rundll32.exe "c:\program files\motorola\bluetooth\btmshell.dll",TrayApp
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [PSQLLauncher] "c:\program files\lenovo\lenovosecuritysolution fp\launcher.exe" /startup
mRun: [UpdateP2GShortCut] "c:\program files\lenovo\power2go\muitransfer\muistartmenu.exe" "c:\program files\lenovo\power2go" updatewithcreateonce "software\cyberlink\power2go\5.0"
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iSaverCtrl] c:\program files\isaver\iSaverCtrl.exe --startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRunOnce: [WLStart] "c:\program files\windows live\installer\wlstart.exe" /nosearch /nohomepage
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube to MP3 Converter - c:\users\***\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\icq7.6\ICQ.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\users\***\desktop\PartyPoker.lnk
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6BF9D236-A1D2-426D-9AB6-7E95DCBAC6B4} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{7010AAE3-7CBB-46A4-8500-130D143CA629} : NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{89FFD387-559B-46F8-BDE7-5656CFE00E67} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{89FFD387-559B-46F8-BDE7-5656CFE00E67}\456FD6368656E6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{89FFD387-559B-46F8-BDE7-5656CFE00E67}\64259445A51224F6870264F6E60275C414E40273131323 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{89FFD387-559B-46F8-BDE7-5656CFE00E67}\64259445A51224F6870275C414E40233133313 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{89FFD387-559B-46F8-BDE7-5656CFE00E67}\9445D434D26505E4 : DhcpNameServer = 129.217.129.42
TCP: Interfaces\{89FFD387-559B-46F8-BDE7-5656CFE00E67}\9445D434D274143545 : DhcpNameServer = 129.217.129.42
Notify: igfxcui - igfxdev.dll
Notify: psfus - c:\program files\lenovo\lenovosecuritysolution fp\psqlpwd.dll
LSA: Notification Packages = scecli c:\program files\lenovo\lenovosecuritysolution fp\psqlpwd.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\***\appdata\roaming\mozilla\firefox\profiles\ohh0ccb1.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/?ref=hp
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=de&q=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npvsharetvplg.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\***\appdata\roaming\mozilla\firefox\profiles\ohh0ccb1.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2009-2-3 63096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-6-20 218688]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165648]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-7-19 116608]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-2-24 185472]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\motorola\bluetooth\obexsrv.exe [2010-6-29 474888]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-12-13 233472]
R2 IGRS;IGRS;c:\program files\lenovo\readycomm\common\IGRS.exe [2009-7-14 38152]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
R2 UpekSrvc;Upek Service;c:\program files\lenovo\lenovosecuritysolution fp\upeksrvc.exe [2009-9-11 44808]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-6-29 21520]
R3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\motorola\bluetooth\devmgrsrv.exe [2010-6-29 3473672]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\motorola\bluetooth\audiosrv.exe [2010-6-29 709384]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-12-13 36608]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-10-22 122368]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-8-14 51712]
R3 wdmirror;wdmirror;c:\windows\system32\drivers\WDMirror.sys [2010-6-29 11792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 253600]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 Bridge0;Bridge0;c:\windows\system32\drivers\wdbridge.sys [2010-6-29 63240]
S3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\drivers\btmcom.sys [2010-6-29 40448]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\drivers\btmusb.sys [2010-6-29 516608]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-10-18 201168]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-11-22 136176]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-10-18 101120]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-14 229888]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\lenovo\readycomm\AppSvc.exe [2010-6-29 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\lenovo\readycomm\ConnSvc.exe [2010-6-29 472328]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 43392]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-21 81704]
.
=============== Created Last 30 ================
.
2012-04-07 15:28:18	56200	----a-w-	c:\programdata\microsoft\microsoft antimalware\definition updates\{b229ec3b-ddc6-4b44-b489-2b67029c0cdf}\offreg.dll
2012-04-06 03:11:44	--------	d-----w-	c:\users\***\appdata\local\temp
2012-04-06 03:10:45	--------	d-sh--w-	C:\$RECYCLE.BIN
2012-04-06 00:12:16	--------	d-----w-	C:\ComboFix
2012-04-03 19:12:57	98816	----a-w-	c:\windows\sed.exe
2012-04-03 19:12:57	518144	----a-w-	c:\windows\SWREG.exe
2012-04-03 19:12:57	256000	----a-w-	c:\windows\PEV.exe
2012-04-03 19:12:57	208896	----a-w-	c:\windows\MBR.exe
2012-04-03 19:06:38	6582328	----a-w-	c:\programdata\microsoft\microsoft antimalware\definition updates\{b229ec3b-ddc6-4b44-b489-2b67029c0cdf}\mpengine.dll
2012-04-03 09:21:08	--------	d-----w-	C:\FRST
2012-04-02 16:43:28	--------	d-----w-	C:\TDSS
2012-04-02 15:48:57	--------	d-----w-	C:\TDSSKiller_Quarantine
2012-04-02 11:32:51	--------	d-sh--w-	c:\windows\system32\%APPDATA%
2012-04-02 00:54:06	418464	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-03-27 23:00:39	--------	d-----w-	c:\program files\iPod
2012-03-27 23:00:38	--------	d-----w-	c:\program files\iTunes
2012-03-27 22:57:01	--------	d-----w-	c:\program files\Bonjour
2012-03-26 01:20:10	--------	d-----w-	c:\program files\iSaver
2012-03-26 01:18:22	--------	d-----w-	c:\users\***\appdata\local\ScreeNet iSaver
2012-03-15 02:01:13	3968368	----a-w-	c:\windows\system32\ntkrnlpa.exe
2012-03-15 02:01:11	3913584	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-03-14 14:31:26	592824	----a-w-	c:\program files\mozilla firefox\gkmedias.dll
2012-03-14 14:31:26	44472	----a-w-	c:\program files\mozilla firefox\mozglue.dll
2012-03-14 13:21:01	2343424	----a-w-	c:\windows\system32\win32k.sys
2012-03-14 13:20:59	1077248	----a-w-	c:\windows\system32\DWrite.dll
2012-03-14 13:20:07	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:20:07	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:20:06	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-14 13:20:04	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-14 13:20:04	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-14 13:20:03	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
.
==================== Find3M  ====================
.
2012-04-02 12:13:14	70304	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-31 12:44:05	237072	------w-	c:\windows\system32\MpSigStub.exe
.
============= FINISH: 17:35:01,39 ===============
--- --- ---



Code:
ATTFilter
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 26.09.2010 00:13:29
System Uptime: 07.04.2012 17:27:51 (0 hours ago)
.
Motherboard: LENOVO |  | Base Board Product Name
Processor: Genuine Intel(R) CPU           U4100  @ 1.30GHz | CPU | 1196/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 253 GiB total, 176,042 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 26,292 GiB free.
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}
Description: CD-ROM-Laufwerk
Device ID: IDE\CDROMTSSTCORP_CDDVDW_TS-U633A________________LEW1____\5&1FE67507&0&1.0.0
Manufacturer: (Standard-CD-ROM-Laufwerke)
Name: TSSTcorp CDDVDW TS-U633A ATA Device
PNP Device ID: IDE\CDROMTSSTCORP_CDDVDW_TS-U633A________________LEW1____\5&1FE67507&0&1.0.0
Service: cdrom
.
Class GUID: {a173b237-6a34-4bb5-aa63-2561160fa200}
Description: CSR Bluetooth Device
Device ID: USB\VID_0A12&PID_0001\5&EB2F1B2&0&2
Manufacturer: Motorola, Inc.
Name: CSR Bluetooth Device
PNP Device ID: USB\VID_0A12&PID_0001\5&EB2F1B2&0&2
Service: BTMUSB
.
Class GUID: {4d36e965-e325-11ce-bfc1-08002be10318}
Description: CD-ROM-Laufwerk
Device ID: DTSOFTBUS&REV1\DTCDROM&REV1\1&79F5D87&0&00
Manufacturer: (Standard-CD-ROM-Laufwerke)
Name: DTSoftBusCd00
PNP Device ID: DTSOFTBUS&REV1\DTCDROM&REV1\1&79F5D87&0&00
Service: cdrom
.
==== System Restore Points ===================
.
RP466: 21.03.2012 01:37:36 - Windows Update
RP467: 25.03.2012 17:55:11 - Windows Update
RP468: 26.03.2012 03:12:17 - Installiert iSaver 
RP469: 26.03.2012 03:19:04 - Entfernt iSaver 
RP470: 26.03.2012 03:19:54 - Installiert iSaver 
RP472: 26.03.2012 16:44:04 - Microsoft Antimalware Checkpoint
RP473: 27.03.2012 03:32:00 - Removed simfy
RP474: 27.03.2012 03:33:31 - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP475: 27.03.2012 03:34:06 - Microsoft Visual C++ 2005 Redistributable wird entfernt
RP476: 29.03.2012 13:28:00 - Windows Update
RP477: 01.04.2012 21:01:00 - Windows Update
RP479: 02.04.2012 02:57:04 - Microsoft Antimalware Checkpoint
RP480: 02.04.2012 17:20:11 - Wiederherstellungsvorgang
RP481: 04.04.2012 02:39:52 - ComboFix created restore point
.
==== Installed Programs ======================
.
.
 Update for Microsoft Office 2007 (KB2508958)
"Nero SoundTrax Help
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.5.0 - Deutsch
Advertising Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Audiosurf DE
Bonjour
Broadcom 802.11 Wireless Driver
Business Contact Manager für Outlook 2007 SP2
Canon Easy-WebPrint EX
Canon iP1600
Canon MP Navigator EX 3.0
Canon MP560 series Benutzerregistrierung
Canon MP560 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CCleaner
Clock Screen Saver
DAEMON Tools Lite
Das Fussball Studio 8.5.1
Die Kunst des Mordens – Der Marionettenspieler
DolbyFiles
Dr. Watson - Katakomben
EA Installer
Energy Management
ESET Online Scanner v3
Fahrenheit
FUSSBALL MANAGER 11
Google Chrome
Google Earth
Google Update Helper
ICQ7.6
ImagXpress
Intel(R) Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 30
JDownloader
Junk Mail filter update
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
Lenovo Security Solution FP
Malwarebytes Anti-Malware Version 1.60.1.1000
Menu Templates - Starter Kit
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Antimalware
Microsoft Antimalware Service DE-DE Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (German) 2007
Microsoft Security Client
Microsoft Security Client DE-DE Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mobile Partner
Motorola Bluetooth
Movie Templates - Starter Kit
Mozilla Firefox 11.0 (x86 de)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser und SDK
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
NVIDIA PhysX
OpenAL
OpenOffice.org 3.2
PartyPoker
PC Connectivity Solution
PDF Settings CS5
PHOTOfunSTUDIO 5.0
Power2Go
ProtectDisc Driver, Version 11
QuickTime
Rapture3D 2.3.22 Game
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Retail Virtual EVE
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
SAMSUNG Mobile Modem V2 Software
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
Samsung New PC Studio USB Driver Installer
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver
Schlag den Raab
Schlag den Raab - Das 2. Spiel
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Sony Picture Utility
Sony USB Driver
SopCast 3.3.2
SoundTrax
SUPERAntiSpyware
Sweet Home 3D version 3.3
Synaptics Pointing Device Driver
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053
Virtual DJ - Atomix Productions
VirtualDJ PRO Full
VLC media player 1.1.8
vShare.tv plugin 1.3
Winamp Erkennungs-Plug-in
Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (01/26/2008 2.6.0.0)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
Windows Live-Uploadtool
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Sync
Windows Live Writer
Windows Media Player Firefox Plugin
WinRAR
ZoneAlarm
.
==== End Of File ===========================

 

Themen zu kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben)
anderen, anhang, aufgegeben, befall, diverse, entfernt, gelöst, internet, kabel, kein internet, kein internetzugang, komplett, laptop, logfile, logfiles, lösung, meldungen, nichts, problem, programme, router, schädlinge, seite, seiten, sirefef, tan, trojaner, verbindung, virus, wlan, wlan., zugang


« TR/Agent.1768617.1 in der Autorun.exe | SMART HDD - Entfernen - Wie gehts genau? »


Ähnliche Themen: kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben)


  1. kein Internetzugang mehr nach Virenscan
    Log-Analyse und Auswertung - 05.05.2015 (5)
  2. Kein Internetzugang
    Netzwerk und Hardware - 16.12.2014 (1)
  3. Provider sperrt Internetzugang nach Spamversand (Befall unter Win7 Home Prem x64?)
    Plagegeister aller Art und deren Bekämpfung - 04.07.2014 (15)
  4. Infizierter Rechner lässt nach Virenscan kein Internetzugang zu
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (56)
  5. Nach Virenscan mit Malwarebytes kein Internetzugang möglich
    Alles rund um Windows - 04.04.2014 (5)
  6. Nach Deinstallation der Firewall kein Internetzugang mehr!
    Antiviren-, Firewall- und andere Schutzprogramme - 03.09.2013 (21)
  7. Win64/Sirefef.M eingefangen vermutlich System bereits befallen
    Log-Analyse und Auswertung - 04.09.2012 (3)
  8. GVU Trojaner Befall, Windows 7. Vermutlich nach Installation von infizierter Software
    Plagegeister aller Art und deren Bekämpfung - 22.08.2012 (23)
  9. System noch sicher nach Befall durch sirefef?
    Plagegeister aller Art und deren Bekämpfung - 16.08.2012 (2)
  10. Virus/Trojaner: Win64/sirefef.A ; Win64/sirefef.AB ; Win64/sirefef.W ; Auto-Neustart nach 1 Minute
    Plagegeister aller Art und deren Bekämpfung - 13.08.2012 (18)
  11. Virenfund Trojan.Generic.7552386 und Trojan.Sirefef.FY nach GVU-Befall
    Log-Analyse und Auswertung - 03.08.2012 (15)
  12. Kein Internetzugang nach runterladen von Avast
    Plagegeister aller Art und deren Bekämpfung - 11.10.2011 (7)
  13. Nach Windows Recovery Befall kein Zugriff mehr auf Dateisystem/Desktop
    Plagegeister aller Art und deren Bekämpfung - 12.04.2011 (29)
  14. Nach Installation von Avira Antivirus kein Internetzugang mehr !
    Plagegeister aller Art und deren Bekämpfung - 18.04.2009 (4)
  15. Nach Anti-Vir-Update kein Internetzugang mehr & Rechner fährt nicht runter
    Antiviren-, Firewall- und andere Schutzprogramme - 03.02.2006 (6)
  16. Kein Internetzugang mehr nach Entfernung von MSLAUGH - was nun ?
    Plagegeister aller Art und deren Bekämpfung - 24.03.2005 (1)
  17. Kein Internetzugang!!!
    Plagegeister aller Art und deren Bekämpfung - 09.02.2005 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben) - [CODE].DDS Logfile: Code: Alles auswählen Aufklappen ATTFilter DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_30 Run by *** at 17:33:54 on 2012-04-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3003.1837 [GMT - kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben)...
Archiv
Du betrachtest: kein Internetzugang, vermutlich nach Befall von sirefef.? (=diverse Buchstaben) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20