Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows blockiert, 50euro zahlen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 10.01.2012, 01:15   #1
Lutec
 
Windows blockiert, 50euro zahlen - Standard

Windows blockiert, 50euro zahlen



OTL Extras logfile created on: 10.01.2012 01:03:17 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,29 Gb Available Physical Memory | 82,24% Memory free
7,99 Gb Paging File | 7,35 Gb Available in Paging File | 91,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 248,91 Gb Free Space | 84,99% Space Free | Partition Type: NTFS
Drive D: | 638,54 Gb Total Space | 541,60 Gb Free Space | 84,82% Space Free | Partition Type: NTFS
Drive E: | 3,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 14,91 Gb Total Space | 13,81 Gb Free Space | 92,62% Space Free | Partition Type: FAT32
Drive G: | 3,73 Gb Total Space | 3,73 Gb Free Space | 99,99% Space Free | Partition Type: FAT32

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{38D1C189-B133-401C-A729-3C47ED984B31}" = AVG 2011
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67048E0C-29A5-534C-FF67-83C4BF948D48}" = AMD Drag and Drop Transcoding
"{70DFF8B2-44A3-2C2C-FB21-783E8291265F}" = ATI Catalyst Install Manager
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0377472-ED83-4A66-8B2E-0ECAEF190E47}" = AVG 2011
"{D87047B9-BBC5-9941-00B4-719B9E56CACC}" = ATI AVIVO64 Codecs
"{D9B52C63-4209-7129-BF10-FA5DCD38579E}" = ccc-utility64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2011
"EPSON SX125 Series" = Druckerdeinstallation für EPSON SX125 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{06092909-8851-C581-F990-7195076FDAEF}" = CCC Help Czech
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA04779-346C-30FD-EB9B-8EEA2CE094B3}" = CCC Help Thai
"{1B3B5C60-70B8-F022-5497-03FD2772586C}" = CCC Help Greek
"{1C160168-BF5B-72FE-BAFA-6DD5F737404C}" = CCC Help Chinese Standard
"{1D301950-EA2F-4882-9AA0-49467756842A}" = SweetIM for Messenger 3.3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1ED3EBF6-A130-4B3B-B01A-C29B067798B3}" = CCC Help Finnish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24A500E4-0B12-4D62-9973-2C7E23CCA750}" = Nero Kwik Media
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{278AD90C-D27D-AA89-58DF-AD13852D51CA}" = CCC Help Spanish
"{2CDBFF1A-6433-E94D-CA25-831FDB9775E9}" = CCC Help Italian
"{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2
"{31DED885-1124-0E58-97FB-73E4EF692E8D}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33B670D7-8A06-DA5B-0341-5630D1E12007}" = ccc-core-static
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38D65ABC-A00B-6E13-2EF3-826CFC8CFC14}" = CCC Help French
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3B4325A0-43CD-10D1-64F6-BD2F90DCB756}" = Catalyst Control Center Graphics Previews Vista
"{3D8028AD-94AA-4E41-A2D0-653DBD47F24D}" = Sven XXX XXL
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{3F8B39A4-B7CE-B036-941C-A8DB57676B04}" = CCC Help Norwegian
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{48118C84-264D-4D5F-BA66-A34920096995}" = Sven Kommt
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACF9BBA-E137-7309-7BF9-567ADAB6B4E6}" = CCC Help Turkish
"{51AD839D-CE11-B9E3-227D-03BC89F227C8}" = CCC Help Danish
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{55043DDE-D718-C7F7-9B4C-2B3D818D8A1F}" = Catalyst Control Center InstallProxy
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5774B4C1-8579-D5D9-8D38-A0CE32B6736C}" = CCC Help German
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5D19BB0D-9B04-5B85-9295-4E11BCB1C2C3}" = CCC Help Polish
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60341104-FC8E-EF26-12CB-93B17DF55976}" = CCC Help Japanese
"{62161867-51F1-9FB8-0E6E-FE49D89CBB71}" = CCC Help Dutch
"{65589581-920C-CAE1-58C2-2149D3AA3F39}" = HydraVision
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A7E9B60-4698-F505-CAD3-05F8AB22FB61}" = CCC Help Russian
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75794DD1-5D69-4E33-A141-C3D4B0724C71}" = Catalyst Control Center Graphics Previews Common
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CE47764-9A8F-380D-FB9E-FCFC37B9F727}" = CCC Help Korean
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8751236B-9BF4-4EA6-B599-6FB9F3A74927}" = Sven Bomwollen
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9ED77550-AF66-2B7E-97E1-34B3BFDEAC6D}" = CCC Help Swedish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = v2011.build.46
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{BF67F764-95B6-4360-BB57-B2E5AA6C814B}" = SweetIM Toolbar for Internet Explorer 4.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E8454B5F-4122-864C-002D-31F878D2CBF4}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E6252F-8DC2-B508-D412-1C427CDB3448}" = CCC Help Portuguese
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCB6F9DC-A0FF-621E-DE53-877E63864DD1}" = CCC Help Chinese Traditional
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE4466A3-76B3-A9F4-9B22-150D6F8B4647}" = Catalyst Control Center Localization All
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Akamai" = Akamai NetSession Interface Service
"Audition Online1.2.6064" = Audition Online
"conduitEngine" = Conduit Engine
"Cooking Dash" = Cooking Dash 800209
"DivX Setup.divx.com" = DivX-Setup
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Empress of the Deep 2" = Empress of the Deep 2
"EPSON Scanner" = EPSON Scan
"EPSON SX125 Series Manual" = EPSON SX125 Series Handbuch
"Google Chrome" = Google Chrome
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.7
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Nero Toolbar Updater
"Akamai" = Akamai NetSession Interface
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Alt 10.01.2012, 12:45   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows blockiert, 50euro zahlen - Standard

Windows blockiert, 50euro zahlen



Zitat:
Boot Mode: SafeMode with Networking |
na wenn der Modus geht wirst du erstmal MBAM/ESET probieren können:

Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Antwort

Themen zu Windows blockiert, 50euro zahlen
64-bit, adobe, akamai, avg, blockiert, browser, dll, error, euro, explorer, flash player, format, google, google chrome, home, install.exe, logfile, mozilla, opera, plug-in, realtek, registry, rundll, scan, security, server, software, studio, sweetim, usb, usb 3.0, visual studio, windows, yontoo




Ähnliche Themen: Windows blockiert, 50euro zahlen


  1. Windows blockiert - 50€ zahlen
    Log-Analyse und Auswertung - 03.04.2012 (16)
  2. System gesperrt soll 50Euro zahlen.
    Log-Analyse und Auswertung - 01.04.2012 (6)
  3. Windows 7 gesperrt, 50Euro zahlen, angeblich verseucht
    Plagegeister aller Art und deren Bekämpfung - 30.03.2012 (11)
  4. Windows blockiert, 50 € zahlen
    Log-Analyse und Auswertung - 28.02.2012 (1)
  5. Windows blockiert -->50€uro zahlen
    Log-Analyse und Auswertung - 23.02.2012 (48)
  6. Windows sperrt - 50Euro zahlen bzw updaten
    Log-Analyse und Auswertung - 10.02.2012 (2)
  7. Windows blockiert, 50euro zahlen
    Log-Analyse und Auswertung - 22.01.2012 (27)
  8. 100 EUR zahlen - Windows blockiert
    Plagegeister aller Art und deren Bekämpfung - 13.01.2012 (7)
  9. "Windows aus Sicherheitsgründen blockiert - Bezahlen und herunterladen" Der 50Euro Virus/Trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.01.2012 (9)
  10. Windows blockiert - 50 € zahlen
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (18)
  11. Selbes Problem, wie viele andere... windows blockiert und will 50euro (Windows 7)
    Plagegeister aller Art und deren Bekämpfung - 02.01.2012 (1)
  12. hallo ich habe auch das Problem das ich 50euro zahlen soll um mein windows wieder freizubekommen
    Log-Analyse und Auswertung - 20.12.2011 (13)
  13. Aus sicherheitsgründen wurde ihr windowssystem blockiert zahlen sie 50EURO
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (5)
  14. 50Euro zahlen - Trojaner blockiert Windows
    Log-Analyse und Auswertung - 17.12.2011 (1)
  15. Windows blockiert 50 € zahlen
    Plagegeister aller Art und deren Bekämpfung - 16.12.2011 (3)
  16. Windows blockiert 50 € zahlen...
    Alles rund um Windows - 16.12.2011 (1)
  17. windows blockiert und will 50euro
    Plagegeister aller Art und deren Bekämpfung - 22.11.2011 (6)

Zum Thema Windows blockiert, 50euro zahlen - OTL Extras logfile created on: 10.01.2012 01:03:17 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\user\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation - Windows blockiert, 50euro zahlen...
Archiv
Du betrachtest: Windows blockiert, 50euro zahlen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.