
Pests of all kinds and how to fight them: Trojan:Win32/FakeSysdef - how do I remove it?


 
09.05.2011, 14:29   #7
Pixelboy
 
Trojan:Win32/FakeSysdef - how do I remove it?



2. System scan with OTL
1. Log file
Code:
OTL Extras logfile created on: 09.05.2011 15:18:07 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\xxx\Pictures\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 83,85 Gb Total Space | 24,49 Gb Free Space | 29,21% Space Free | Partition Type: NTFS
 
Computer Name: xxxx | User Name: xxxxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17F65C06-1552-4FA5-9178-023E8B65A414}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{27792C71-D76E-4AF2-A628-A15D06953DDE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{54EF25DF-3568-48FC-BA3D-E782496EAC7F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{61B5E588-B324-4FCE-96E1-C60DB30A4AB9}" = lport=445 | protocol=6 | dir=in | app=system | 
"{81C667DF-772E-44BE-B74D-2CF1B3DB136A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{828CDA2C-C9A4-4C85-971F-F12A086C54F0}" = rport=138 | protocol=17 | dir=out | app=system | 
"{89B76941-B281-48DC-967D-534D37AE22D5}" = lport=139 | protocol=6 | dir=in | app=system | 
"{90C7C86B-83D9-4D7C-9C84-0C0D10ADD712}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B1A168AE-BB7F-434E-9909-DA53594AA722}" = rport=139 | protocol=6 | dir=out | app=system | 
"{F5C808E3-F389-4736-AF77-4C072924D3B7}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C5F9899-C9FE-4B0A-AE05-8008059D7E99}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{156EDB3A-7098-4B9F-ACBA-99F028DA3F90}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{160C88EF-0A2B-4285-A6CF-6FF3023AAFAE}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{19BE2D54-D2BD-4598-B489-FE7A2EB2E362}" = protocol=6 | dir=in | app=c:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe | 
"{224E12A1-E16A-4957-B162-5CFE0B605359}" = protocol=17 | dir=in | app=c:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe | 
"{590B8539-FBE3-422E-875C-74F8F17697DA}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A7A0FE13-7955-49F6-8DA7-E5E188C7011E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{B81DDD11-3EC3-4C63-A58B-F3FEA5317E9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{CE566FE0-5DD5-4502-83B8-03B9EF7386E9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E6C1DEE0-5DD7-4FF7-9DE5-31320EF893DA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"TCP Query User{115F0A07-C2E1-46E9-9B3D-B3ECC0AC7176}C:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\morena\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{93E883BE-A50F-4148-A119-395CA16871A1}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"TCP Query User{D1E9D6B9-E72F-433C-91C0-A160F99FF58C}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{FB32A0BA-A01E-4431-A643-CF1984FF2F5E}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{65850458-F5C9-4D11-8941-140D3513A6D2}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{7F5960DA-192F-4A50-B31B-D697C2DD9173}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{BD6104E2-AD55-4D39-9FAE-B9716429390F}C:\usersxxxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xxxxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{FACAE5D1-1D84-42F1-867D-10E2920E115D}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{17C7703E-0B2A-4593-9CB7-E2FE14B6F8EA}" = Sony Snymsico for Vista
"{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}" = Adobe ExtendScript Toolkit 2
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{24960AC2-C413-4A86-B1C1-E4CCADCA44D3}" = VAIO Information FLOW
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"{3EBD3749-304E-4A4C-9575-C00E5F015217}" = Apple Mobile Device Support
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" = 
"{55B781F0-060E-11D4-99D7-00C04FCCB775}" = 
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities 1.40
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client
"{849A32C3-E75A-4791-9B11-E568BA3525A4}" = Microsoft SQL Server VSS Writer
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client DE-DE Language Pack
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{97260AE9-A1EE-492E-8DCC-FD0AFF785720}" = 
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A947C2B3-7445-42C4-9063-EE704CACCB22}" = VAIO Hardware Diagnostics
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B045B608-4A47-4C77-9EAD-06C394503306}" = iTunes
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{C183A21C-395A-490F-99D4-CCAB35E32859}" = 
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.14
"{D504303A-717D-414C-BA9F-FE01093E2EF8}" = Adobe Setup
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E2B38044-AEF2-40AF-BDD8-FEDE799A8633}" = 
"{E4C7B3EF-B3DB-4BB6-A812-E8FAE47534D3}" = OpenOffice.org 2.2
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40C006E-7A31-45D8-A50B-683181F0DDC8}" = X-Stitch Studio
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" = 
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe InDesign 2.0" = Adobe InDesign 2.0
"Adobe PageMaker 7.0" = Adobe PageMaker 7.0
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_5bc0f8414ec36c555a3e7e5ec2e225e" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Browser Defender_is1" = Browser Defender 3.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Eazel-DE Toolbar" = Eazel-DE Toolbar
"ElsterFormular 11.4.1.4323" = ElsterFormular
"FeedReader_is1" = FeedReader
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{3D79DB6E-73DA-46C9-B8FA-DAE52108246F}" = OpenMG Secure Module 4.6.01
"LastFM_is1" = Last.fm 1.5.1.30182
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Mozilla Thunderbird (2.0.0.6)" = Mozilla Thunderbird (2.0.0.6)
"MP Navigator 2.2" = Canon MP Navigator 2.2
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"Revolver Office" = Revolver Office 6.6 r9 
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Skype_is1" = Skype 2.5
"Spyware Doctor" = Spyware Doctor 8.0
"VB Runtime" = VB Runtime
"Win2PDF_is1" = Win2PDF 3.30
"Yahoo! Widget Engine" = Yahoo! Widgets
"YInstHelper" = Yahoo! Install Manager
"Zattoo" = Zattoo 3.3.4 Beta
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 03.05.2011 12:32:11 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel
 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x7d0, Anwendungsstartzeit
 01cc09afa6c78bfa.
 
Error - 03.05.2011 12:34:08 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel
 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x1744, Anwendungsstartzeit
 01cc09afecd88efa.
 
Error - 03.05.2011 12:34:25 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 7.0.6000.17037, Zeitstempel
 0x4b9658a0, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x117c, Anwendungsstartzeit
 01cc09aff67cf90a.
 
Error - 03.05.2011 12:34:55 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel
 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x1334, Anwendungsstartzeit
 01cc09b0087690da.
 
Error - 03.05.2011 12:35:21 | Computer Name = xxxxx| Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel
 0x4907deda, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0xb18, Anwendungsstartzeit
 01cc09b017b6adfa.
 
Error - 03.05.2011 12:37:32 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel
 0x4907deda, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0xc34, Anwendungsstartzeit
 01cc09b065d8349a.
 
Error - 09.05.2011 08:47:07 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 7.0.6000.17037, Zeitstempel
 0x4b9658a0, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x16e8, Anwendungsstartzeit
 01cc0e472d7ac0a5.
 
Error - 09.05.2011 08:47:25 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 7.0.6000.17037, Zeitstempel
 0x4b9658a0, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x16e8, Anwendungsstartzeit
 01cc0e472d7ac0a5.
 
Error - 09.05.2011 08:48:05 | Computer Name = xxxxx| Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 1.9.0.3725, Zeitstempel
 0x4b9de18e, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x1694, Anwendungsstartzeit
 01cc0e4741f229b5.
 
Error - 09.05.2011 08:49:22 | Computer Name = xxxxxx | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung chrome.exe, Version 0.0.0.0, Zeitstempel 0x4db90fe3,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode
 0xc0000005, Fehleroffset 0x00060e6b,  Prozess-ID 0x9b4, Anwendungsstartzeit 01cc0e47838b6035.
 
[ System Events ]
Error - 03.05.2011 09:29:10 | Computer Name = xxxxx| Source = DCOM | ID = 10005
Description = 
 
Error - 03.05.2011 09:29:16 | Computer Name = xxxxx | Source = DCOM | ID = 10005
Description = 
 
Error - 03.05.2011 09:29:20 | Computer Name = xxxxxx | Source = DCOM | ID = 10005
Description = 
 
Error - 03.05.2011 09:30:00 | Computer Name = xxxxx | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 03.05.2011 09:30:00 | Computer Name = xxxxx | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 03.05.2011 09:30:00 | Computer Name = xxxxx | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 03.05.2011 09:31:00 | Computer Name = xxxxx | Source = DCOM | ID = 10005
Description = 
 
Error - 03.05.2011 09:33:01 | Computer Name = xxxxx | Source = DCOM | ID = 10005
Description = 
 
Error - 03.05.2011 09:46:06 | Computer Name = xxxxx | Source = DCOM | ID = 10005
Description = 
 
Error - 03.05.2011 09:52:36 | Computer Name = xxxxx | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
 
< End of report >
         

Edited by Pixelboy (09.05.2011 at 14:38)

 
