Microsoft Security fordert 100 Euro - kein zugriff mehr auf Destkop

irecordz · 05.02.2012, 19:03

OTL Extras logfile created on: 05.02.2012 18:31:11 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Administrator\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

895,30 Mb Total Physical Memory | 717,44 Mb Available Physical Memory | 80,13% Memory free
2,12 Gb Paging File | 2,05 Gb Available in Paging File | 96,69% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 134,39 Gb Total Space | 115,54 Gb Free Space | 85,97% Space Free | Partition Type: NTFS
Drive D: | 14,64 Gb Total Space | 7,79 Gb Free Space | 53,24% Space Free | Partition Type: FAT32

Computer Name: NIEMAND | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048FC675-D00F-A0B0-C111-AE39F4B8CC9E}" = CCC Help Italian
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{0E94871C-623C-464F-A117-B8474BFF84E1}" = Nokia MTP driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series" = Canon iP2600 series
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AC247CD-DC48-0DF7-0570-8B07885FF018}" = Catalyst Control Center Graphics Previews Common
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20800BCE-5629-3F94-9F9A-4B7A2C17324F}" = CCC Help German
"{209775F0-6B14-5E9A-87E4-0C78A79C78FE}" = CCC Help Norwegian
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{242F05A2-B450-5235-6C95-656FE1C422CB}" = Catalyst Control Center Core Implementation
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{341B8C78-57D3-EAA3-9661-D74304C3EE17}" = CCC Help French
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B8028BA-35C7-6032-B889-30B3B37B41C0}" = Catalyst Control Center Localization All
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{48ADC36F-75AA-6EF5-0733-D9F8CDE8D0D2}" = CCC Help Greek
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{50C78D0B-B45E-638F-D120-0721D86B253A}" = CCC Help Korean
"{51A24711-A461-1CD8-6AA1-DF37F3E02C77}" = CCC Help Dutch
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{535C6037-F272-71F4-FE26-E1B2868DE2F7}" = ccc-core-static
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5CCABD37-479D-4304-B1A5-67952C25F8F2}" = Nokia Software Launcher
"{5D91D393-1523-5293-176D-9E2204BB5829}" = CCC Help Turkish
"{61B1A9C8-B2AD-4F54-B916-388FFD07BDE7}" = 4300
"{61C3E1B4-2F5C-8961-1439-CA5D44F49CFC}" = CCC Help Chinese Standard
"{6222657E-1118-DFFC-2683-FAA9BA68FE10}" = CCC Help Spanish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6857B928-CD51-E5EC-7120-0D1E5E631350}" = CCC Help Finnish
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7121BAE0-8959-6930-441C-409455A2391F}" = CCC Help English
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{7932FC5E-CCD0-916C-9B56-0C2F5B786843}" = CCC Help Portuguese
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{855425BB-0BB6-E908-2781-134FD8BDE9C0}" = ccc-utility
"{86FFE51F-6DC8-6D5D-7571-E6837DAC7F26}" = CCC Help Czech
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{88223E9F-D792-77A6-D1C0-500610042740}" = Catalyst Control Center Graphics Full New
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8B80D71B-5AA2-E36D-BE9D-70A2FBBB9C85}" = CCC Help Japanese
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{945DAF9A-2BE1-DEDE-3B16-81757CA2BEAD}" = CCC Help Swedish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95FD3168-58AF-8C6B-1B33-9B196E992425}" = CCC Help Chinese Traditional
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A744C7C3-76F5-42F5-9E15-497A3DFBC709}" = 4300Trb
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{B80F72C0-C511-C947-3F2E-83AFC506517B}" = CCC Help Polish
"{B8754879-727E-A8CF-2210-A345CD1CF9ED}" = ccc-core-preinstall
"{BBA51523-A256-825E-C5C2-8F4FC1D787ED}" = Catalyst Control Center Graphics Light
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C040AA8E-11D2-9648-9F9C-985A91A4727A}" = CCC Help Thai
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32B19EA-BFAD-442D-A0C3-FAA8A93DEFCA}" = CCC Help Danish
"{D55D77A5-BBE2-1A5F-CD1E-E7AB6DEACB60}" = CCC Help Russian
"{D6510194-C41F-CE9C-F726-8543F4414EE9}" = CCC Help Hungarian
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E769999E-D0D9-4D51-AEFE-1BD44289E550}" = 4300_Help
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE565795-2776-415A-B31C-EB3A8D7C6FA4}" = Nokia Lifeblog 2.1
"{F067F869-D300-FF34-F1D5-13474E1BB948}" = Catalyst Control Center Graphics Full Existing
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Angebote ALDI SÜD" = Angebote ALDI SÜD Bildschirmschoner
"ATI Display Driver" = ATI Display Driver
"Canon iP2600 series Benutzerregistrierung" = Canon iP2600 series Benutzerregistrierung
"CANONIJPLM100" = PIXMA Extended Survey Program
"Google Updater" = Google Updater
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa2" = Picasa 2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XSManager" = XSManager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.12.2011 03:04:53 | Computer Name = NIEMAND | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 20.12.2011 03:05:01 | Computer Name = NIEMAND | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.

Error - 05.02.2012 10:31:20 | Computer Name = NIEMAND | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 microsoft visual c++ 2010 x86 redistributable
setup, P2 10.0.40219, P3 10.0.40219.1, P4 1, P5 vc_red.msi, P6 install_i_silent_error,
P7 1601, P8 0, P9 , P10 NIL.

Error - 05.02.2012 10:31:20 | Computer Name = NIEMAND | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor

Error - 05.02.2012 10:32:47 | Computer Name = NIEMAND | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 microsoft visual c++ 2010 x86 redistributable
setup, P2 10.0.40219, P3 10.0.40219.1, P4 1, P5 vc_red.msi, P6 install_i_silent_error,
P7 1601, P8 0, P9 , P10 NIL.

Error - 05.02.2012 10:32:47 | Computer Name = NIEMAND | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor

Error - 05.02.2012 11:36:50 | Computer Name = NIEMAND | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 microsoft visual c++ 2010 x86 redistributable
setup, P2 10.0.40219, P3 10.0.40219.1, P4 1, P5 vc_red.msi, P6 install_i_silent_error,
P7 1601, P8 0, P9 , P10 NIL.

Error - 05.02.2012 11:36:51 | Computer Name = NIEMAND | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor

Error - 05.02.2012 13:08:00 | Computer Name = NIEMAND | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 microsoft visual c++ 2010 x86 redistributable
setup, P2 10.0.40219, P3 10.0.40219.1, P4 1, P5 vc_red.msi, P6 install_i_silent_error,
P7 1601, P8 0, P9 , P10 NIL.

Error - 05.02.2012 13:08:00 | Computer Name = NIEMAND | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor

[ System Events ]
Error - 05.02.2012 13:23:19 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error - 05.02.2012 13:23:27 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error - 05.02.2012 13:23:41 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error - 05.02.2012 13:25:39 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error - 05.02.2012 13:25:42 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error - 05.02.2012 13:25:55 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 05.02.2012 13:27:18 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 05.02.2012 13:28:24 | Computer Name = NIEMAND | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Fips Processor

Error - 05.02.2012 13:29:30 | Computer Name = NIEMAND | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 05.02.2012 13:29:49 | Computer Name = NIEMAND | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\D gefunden.

< End of report >

Dass habe ich jetzt auf meinem Report kopiert, ich habe meinen Laptop im abgesicherten Modus hochgefahren und OTL geladen und benutzt das kam raus, wie soll es jetzt weiter gehen ?
BITTE UM SCHNELLE HILFE !!!!!!!!

markusg · 05.02.2012, 19:32

hi
das sind nicht alle logs, otl.txt fehlt.

05.02.2012, 19:32	#2
markusg /// Malware-holic	Microsoft Security fordert 100 Euro - kein zugriff mehr auf Destkop hi das sind nicht alle logs, otl.txt fehlt. __________________ __________________

Microsoft Security fordert 100 Euro - kein zugriff mehr auf Destkop

Log-Analyse und Auswertung: Microsoft Security fordert 100 Euro - kein zugriff mehr auf Destkop

Microsoft Security fordert 100 Euro - kein zugriff mehr auf Destkop

Microsoft Security fordert 100 Euro - kein zugriff mehr auf Destkop

Ähnliche Themen: Microsoft Security fordert 100 Euro - kein zugriff mehr auf Destkop