
Log analysis and evaluation: Windows system locked - virus

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
07.01.2012, 23:23   #8
puma165
 
Windows system locked - virus



Code:
OTL Extras logfile created on: 07.01.2012 22:55:43 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Fabi\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 0,61 Gb Available Physical Memory | 32,66% Memory free
3,92 Gb Paging File | 2,09 Gb Available in Paging File | 53,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 129,47 Gb Total Space | 9,55 Gb Free Space | 7,38% Space Free | Partition Type: NTFS
Drive D: | 19,57 Gb Total Space | 14,28 Gb Free Space | 72,99% Space Free | Partition Type: FAT32
 
Computer Name: FABI-PC | User Name: Fabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{103EA1D4-0ADC-4D6A-AE71-F780D24C8211}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{241EFEEF-2626-4DB4-BDD4-6C84E6245E43}" = rport=137 | protocol=17 | dir=out | app=system | 
"{2AD8E65E-9162-41F8-ACC7-85256DCF6FA5}" = rport=445 | protocol=6 | dir=out | app=system | 
"{41DCBC0B-FAB0-4D3F-9262-E25E42FF76B2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6D99D5CA-347A-46B2-B232-0DD32BAB9E46}" = lport=137 | protocol=17 | dir=in | app=system | 
"{720B02EA-7EA1-411E-8488-31F74685EBF6}" = rport=138 | protocol=17 | dir=out | app=system | 
"{96D87760-C082-47A2-9DEC-15FD8D3116E1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9C23306C-B58B-449C-8306-FDDF9787AC9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{BD19027C-ED86-43B0-97FF-8BBFD96424FE}" = lport=138 | protocol=17 | dir=in | app=system | 
"{C5361ABF-E576-49B4-9FB4-DEC2F9F6E01D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{C63B2376-F8C7-4576-BBD8-52194EF8F98A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{CC288217-C172-4B5B-858C-6F69A69CD314}" = lport=139 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02507FC3-EFA0-4F75-9837-7BAB45418993}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager 1.0\mediamanager.exe | 
"{0B8C9772-FA04-4342-B352-44D282AFA019}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2EA40D41-60C9-48AD-B0AD-5051FD721890}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2F8807CD-24F5-4961-ABC7-604C86D093A4}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{3FF914E6-22C8-4EF2-93EF-944EF970E414}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{4A0DD295-7B7F-4D53-A00F-5999377A9FCC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5953A6A8-B3BB-4B03-B956-8701585F25B8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5E8BD244-ECA1-4A9B-AA31-2B6C76DB58A6}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe | 
"{79B78259-DDF0-4E58-962E-8E2458FF2AAB}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe | 
"{88A8B0A1-A5EA-4F31-8DFB-84CA88F02483}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{89130995-3636-4CFE-9DF4-0329DE3FD835}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{97F4653B-654F-4DA1-9960-DD6ADA8A92F7}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager 1.0\mediamanager.exe | 
"{99AF53E8-2BE6-45A5-BD09-1EF5436F83B6}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe | 
"{9A00A4CF-7BB9-44C0-A0EF-8526ED2790DC}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{9EEB8D6F-E176-46D6-9D3D-6BEAFF23849B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{A12AF980-DD0A-4BCC-88F8-A5D465A9BBE4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A97FA3B3-AC7E-4F96-8DD4-589F5F9CE7FC}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{C7EE2E93-549F-4AD6-989F-1F2620649066}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe | 
"{CD9BAC6D-C10B-4B08-A500-A4C7CC1B2E1B}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{D2087E66-72FA-4CE0-8FEA-DE5804E1F8CF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{DD182D98-B60A-48B2-83AE-2FA09616B324}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{E3437246-A9DE-40DC-BE65-9269908F600F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EFA5DEAE-AA06-46CF-B626-D02C1BA66B1F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F3B83C52-211A-4B89-84AF-3C69D4DFD2C2}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{FBE49167-0DFC-43E3-897C-E6CA25805112}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"TCP Query User{0003795A-C850-462D-8A77-9639C9912AD8}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{0F5DA350-6BA4-4B87-AB29-DC7802FDB098}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | 
"TCP Query User{30318520-7D42-4370-AD0C-8F832769BB10}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{5769D8A6-7375-426E-BEE9-27E23E2DD375}C:\games\game alarm\gamealarm.exe" = protocol=6 | dir=in | app=c:\games\game alarm\gamealarm.exe | 
"TCP Query User{734879EE-B333-4AB4-B6BD-0888DB54F424}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{912A8113-8FFE-49C1-AFDA-7F729B4B301C}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{A0B0E0E5-04EC-44CD-A7C6-846D7810BB31}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | 
"TCP Query User{AF3C0841-E160-442F-BB91-1487D0B69662}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{B387C826-9648-4A8B-9846-AF37EAB66DE5}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{C1C46589-BD0A-4EF0-A850-F8B15CF6FB17}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{D561761C-F3D3-4E66-B924-EDA5A0FFE771}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{DF02504F-039C-456A-84D9-60B6E88C0103}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{F2173BEE-09F3-4CEF-8672-373E8C76696B}C:\gamigo games\smash online\smashonline.exe" = protocol=6 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | 
"UDP Query User{030FC4A3-031A-4401-BF65-79053A7788F5}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{050722B0-DBC7-4C05-9960-A26F4B496AC6}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{26CA0FF8-C0BF-453B-BFAA-EB247888BD1B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{3383AA64-D440-4797-A777-94B16A64EFBE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{47F885C1-4E31-4F31-A247-4B4221F6EAA0}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{783A0946-184F-4B91-A589-D483B3B7B8A1}C:\games\game alarm\gamealarm.exe" = protocol=17 | dir=in | app=c:\games\game alarm\gamealarm.exe | 
"UDP Query User{8E6D9E62-E1F7-4818-A8AA-44C0B2FD6BAF}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{AC0ED212-C3CF-4A96-9402-1ED730BAF584}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | 
"UDP Query User{DCC7D2ED-D2EB-4936-BE21-73980E5FBFE5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{DDD34737-4DE1-410B-B40B-9BCEF2441460}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{DF3C6E4E-F1FB-43B2-8996-BDFA5612E692}C:\gamigo games\smash online\smashonline.exe" = protocol=17 | dir=in | app=c:\gamigo games\smash online\smashonline.exe | 
"UDP Query User{F005A03D-5323-4803-A1EE-E72EE40C904E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{FE6EE0E9-D6C8-4AA6-9A17-1C52C54A7F9A}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0AC49543-9CE2-4434-AD42-5AA6E2967FA5}" = Windows Live Toolbar
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EDFA38A-2FEB-4E62-82C9-DA415C0EEF33}" = IEEE 802.11g Wireless LAN driver
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2B091530-69AA-442E-AB09-39ED06B58220}" = Windows Live Messenger
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.010.00
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Suyin Live Camera
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C72622B-643D-4296-B57D-5D53D0C68509}" = Sony Ericsson Media Manager 1.0
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115369807}" = Sunshine Acres
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11564540}" = Gourmania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11565287}" = Frogs In Love
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115655273}" = Daycare Nightmare Mini Monsters
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116433950}" = Jewelix
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116507277}" = Miracles
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116510433}" = Orchard
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116511547}" = TonkyPonky
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116514193}" = Fix-it-up Kate`s Adventure
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116554407}" = DQ Tycoon
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116558297}" = Jennys Fish Shop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116563147}" = Cooking Academy 2 World Cuisine
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116648913}" = Costume Chaos
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116726920}" = Fab Fashion
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11684033}" = Success Story
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116921517}" = Plan it Green
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117044280}" = Mystic Emporium
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117156680}" = Sprill
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117213877}" = TikiBar
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117247390}" = Lovely Kitchen
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117379630}" = Youda Sushi Chef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11738453}" = Burger Shop 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117388953}" = Hotel Mogul
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117576307}" = Mr Jones Graveyard Shift
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117601840}" = Farm Frenzy 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117604257}" = Joe’s Garden
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117701833}" = Cake Mania Main Street
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117762797}" = Kelly Green Garden Queen
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117795997}" = Kitchen Brigade
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118074470}" = Built It - Miami Beach Resort
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118266520}" = Fiona Finch And Finest Flowers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118268417}" = Cake Shop 2
"{82F2B38B-1426-443D-874C-AC25675E7BEB}" = Windows Live Mail
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{87E01B1B-92A0-416F-9F8E-9BE921A05F9F}" = StarOffice 8
"{8F85CC2C-4B26-4CF6-B835-DC59BCEDD287}" = Bluesoleil2.7.0.13 VoIP Release 071227
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{A1C659AF-C761-47A8-BAFD-5FD2BE1ED419}" = Wildlife Park 2
"{A1D08B90-AE1A-4885-AC29-731496FD397E}" = Windows Live Fotogalerie
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = SUYIN webcam
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF303019-87A0-426B-A16F-62690AFF7797}" = Schüler-CD Dorn Bader Physik SEK I
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack
"{B398C579-6578-4A6A-AE55-310D7C1A80B6}" = phase6
"{B8D42C3A-3CFF-4A8A-A7DA-4F44474D12C5}" = Windows Live Writer
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.0
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.00
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Canon MP280 series Benutzerregistrierung" = Canon MP280 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"cfvro" = Favorit
"Die Sims 2 (TM)" = Die Sims 2 (TM) Screen Saver
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"ICQToolbar" = ICQ Toolbar
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MTS2_ColourOptions_is1" = Colour Options 2.0 (beta) for The Sims 2 (and Sims 2 University
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"RealPlayer 6.0" = RealPlayer
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"Ski Alpin 2006_0001" = Ski Alpin 2006
"Spyware Doctor" = Spyware Doctor 6.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tierpension" = Meine Tierpension
"turnabout" = Turnabout IE Plugin
"Windows Live Toolbar" = Windows Live Toolbar
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"gamealarm-DEFAULT" = Game Alarm
"Move Media Player" = Move Media Player
"sc11-DE_SEVENONE_MAIN" = Big Pizza Ski Challenge 11
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 03.07.2010 15:41:50 | Computer Name = Fabi-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 03.07.2010 15:48:14 | Computer Name = Fabi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, Ausnahmecode 0xc0000005, Fehleroffset 0x0006991e,  Prozess-ID 0xd80, 
Anwendungsstartzeit 01cb1ae803ccb939.
 
Error - 04.07.2010 07:46:42 | Computer Name = Fabi-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 04.07.2010 07:52:49 | Computer Name = Fabi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, Ausnahmecode 0xc0000005, Fehleroffset 0x0006991e,  Prozess-ID 0x784, 
Anwendungsstartzeit 01cb1b6ecdc9026c.
 
Error - 05.07.2010 16:05:23 | Computer Name = Fabi-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 05.07.2010 16:05:55 | Computer Name = Fabi-PC | Source = Google Update | ID = 20
Description = 
 
Error - 05.07.2010 16:11:41 | Computer Name = Fabi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, Ausnahmecode 0xc0000005, Fehleroffset 0x0006991e,  Prozess-ID 0x1f8, 
Anwendungsstartzeit 01cb1c7d85c02209.
 
Error - 06.07.2010 13:09:35 | Computer Name = Fabi-PC | Source = WerSvc | ID = 5007
Description = 
 
Error - 06.07.2010 13:15:41 | Computer Name = Fabi-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
 0x458d61a6, Ausnahmecode 0xc0000005, Fehleroffset 0x0006991e,  Prozess-ID 0x384, 
Anwendungsstartzeit 01cb1d2e416de87a.
 
Error - 06.07.2010 13:31:24 | Computer Name = Fabi-PC | Source = WerSvc | ID = 5007
Description = 
 
[ System Events ]
Error - 07.01.2012 06:26:39 | Computer Name = Fabi-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 07.01.2012 06:26:39 | Computer Name = Fabi-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 07.01.2012 06:26:39 | Computer Name = Fabi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.01.2012 06:28:26 | Computer Name = Fabi-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 07.01.2012 06:30:56 | Computer Name = Fabi-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 07.01.2012 17:28:55 | Computer Name = Fabi-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
 3, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 07.01.2012 17:28:55 | Computer Name = Fabi-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
 2, Funktion 0.   Wenden Sie sich an den Systemhersteller, um technische Unterstützung
 zu erhalten.
 
Error - 07.01.2012 17:30:33 | Computer Name = Fabi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 07.01.2012 17:30:33 | Computer Name = Fabi-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 07.01.2012 17:30:43 | Computer Name = Fabi-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
 
< End of report >
         

 
