BKA Trojan

As in many posts here, I also have the problem that my PC has been locked by Windows. I ran the OTL scan and am asking for help.

OTL Extras logfile created on: 22.01.2012 15:19:30 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\***\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 66,06% Memory free
3,71 Gb Paging File | 3,29 Gb Available in Paging File | 88,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 50,79 Gb Total Space | 19,59 Gb Free Space | 38,58% Space Free | Partition Type: NTFS
Drive D: | 51,00 Gb Total Space | 37,41 Gb Free Space | 73,36% Space Free | Partition Type: NTFS

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\ParetoLogic\PCHA\noapp.exe %1 (ParetoLogic)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{626F262A-7621-43E4-8060-4B9BF71FD271}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{D529F2B2-7DC5-4513-A36C-C496993F3A5B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"TCP Query User{2C3D6934-14A9-4B24-8791-970730EC6908}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{35BFBFA6-E910-41BE-8472-0526C04DF22B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{13E94608-B009-4565-BA78-BB4C46A4B73C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{E7087853-3A1B-42BC-B70E-DA304B8B2B3F}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082DF5B7-6572-6B88-F9F3-E1A41707F4A7}" = CCC Help Czech
"{0EE315C8-0081-8B6B-12AF-D26BBF275A82}" = CCC Help Korean
"{10F29C04-6DFA-65AD-B5AA-744255B4D7C8}" = CCC Help Polish
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution II
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1AD8819A-70E8-4380-92DA-F5B2421DAE35}" = G Data AntiVirus 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{287A32EF-A420-6596-ADDA-A9DE9A897796}" = CCC Help Portuguese
"{2AE84E70-5E53-C8B0-F423-C6494B4FEBED}" = CCC Help German
"{2EB709B5-0355-B855-8CC0-00821C49DA8B}" = Catalyst Control Center Localization Dutch
"{2F00CF0D-C670-9BD6-51FD-8DD1A0A42E37}" = Catalyst Control Center Localization Czech
"{2F2BB2EC-8494-3C43-6ABF-FEF5C05F3DA6}" = Catalyst Control Center Localization Polish
"{313EAEC4-F4E1-31B9-4F38-107FF621B31F}" = CCC Help Turkish
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{32E64DF2-8426-C9E0-2829-5485AB959225}" = Catalyst Control Center Core Implementation
"{3345B08C-5CAF-AF8C-301C-1B159BB51556}" = Catalyst Control Center Localization Japanese
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{3C25440D-FBA4-A668-D088-26842B689ADB}" = CCC Help French
"{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}" = ParetoLogic PC Health Advisor
"{3DFAF6BC-4FE2-5B0D-1C9B-F2055968277B}" = Catalyst Control Center Localization German
"{3FFE6A7B-13B9-494C-29D7-EB46E9E6646C}" = Catalyst Control Center Localization Russian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{436B50D2-4CA3-A53D-00CF-482A886A1524}" = CCC Help Finnish
"{45E2C43E-C111-4E4D-9C3C-65EE5D3C8A17}" = OpenOffice.org 3.3
"{46623DE3-FDA8-2141-C951-1A2DFA420D03}" = Skins
"{480F7F23-279B-96A4-FAD2-7014D36B79C4}" = Catalyst Control Center Localization Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{55D39D7E-0475-450B-A7A9-919EBCBC9F53}" = Camera RAW Plug-In for EPSON Creativity Suite
"{56682EAB-48F1-7187-4F48-1FF9645A1D07}" = Catalyst Control Center Localization Finnish
"{5E031BFC-0827-26D4-FDD3-B8D68472DAE1}" = Catalyst Control Center Localization Portuguese
"{5F29B192-AE83-2636-747D-C5D83E79E8FE}" = Catalyst Control Center Localization Chinese Traditional
"{5FE21275-8D6C-CD0F-5B36-394636C0D264}" = CCC Help Thai
"{6001A55E-2A00-C407-67DB-DCFB3E0CD6F2}" = Catalyst Control Center Graphics Previews Vista
"{6290211A-CB26-FD7E-F214-21B15A5F7C87}" = Catalyst Control Center Localization Korean
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{681C334E-6E93-84BF-E371-26109B7BF8B8}" = Catalyst Control Center Localization Italian
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B898739-AE0B-574E-9E7F-DCC7907372A0}" = CCC Help English
"{6B991234-EB5B-4FB3-5873-3946854F0850}" = Catalyst Control Center Localization Hungarian
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79538CDE-83AC-0264-3125-145F33D63B88}" = Catalyst Control Center Graphics Light
"{7A00BF8A-A7E5-D3E0-B17F-06BC5AEC48F6}" = CCC Help Japanese
"{7D97029D-B047-F3A1-D6C0-BFF3647AC943}" = Catalyst Control Center Localization French
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{87009005-9492-1307-F01A-25C1554F4F32}" = ccc-core-static
"{87824C5E-2830-63FC-177E-05E16F55F596}" = CCC Help Swedish
"{8E8FFB67-9316-F95E-969F-402722568272}" = CCC Help Italian
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{961DC9E8-DDAF-6271-AD0A-689909295476}" = CCC Help Chinese Standard
"{A413023B-583C-4BDD-A639-346B1579DC01}" = Catalyst Control Center Localization Thai
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A54A1F3D-E2E0-C9F9-8112-8F0C5A6B06E0}" = Catalyst Control Center Localization Swedish
"{A5C67209-3FC7-A6FF-F7FB-079586F223CC}" = Catalyst Control Center Localization Danish
"{A7A27439-E5CD-AF54-FD49-8A08354D5122}" = Catalyst Control Center Localization Chinese Standard
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{AD92E291-E249-4AAD-C8FF-BAF0FC7AFE9C}" = CCC Help Greek
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B15C935A-8944-937D-6FA4-D69BEFFEA643}" = CCC Help Spanish
"{B7263C56-AED3-3D55-918C-E0BAFCCBF0C7}" = CCC Help Russian
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BB219FC1-008E-7D0D-91A0-CAE6D03DAC8C}" = Catalyst Control Center Localization Norwegian
"{C550F812-14C4-23F5-F369-6761A9C0E864}" = CCC Help Dutch
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint 2.0
"{CAED2BFB-E4D5-D367-7179-D09E73C85938}" = Catalyst Control Center Localization Greek
"{CAF81DB8-F5DC-DF09-18A6-DD61635305E8}" = CCC Help Chinese Traditional
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D4186013-EE74-7570-17D3-38BC3632D51A}" = CCC Help Norwegian
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D9CE4019-982E-BF95-18CE-5EBB5D75D939}" = Catalyst Control Center Graphics Full New
"{DDD45306-E4F0-D309-447F-7B1A0F6F9CAB}" = Catalyst Control Center Localization Spanish
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E28201F3-2C09-FCD1-6934-84A3A9E4F0BF}" = CCC Help Danish
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4A7EE8F-94F0-374C-E4F2-B7CDDE56ECA8}" = Catalyst Control Center Graphics Full Existing
"{F790AD19-127F-9BD7-2655-13E3DA0D7BC2}" = ccc-utility
"{FC20E3FB-60DB-8CFB-4649-CB2F2092F6B2}" = CCC Help Hungarian
"{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"30d1f9df6e6bc9f26b2b50f5c59a2dfb" = Dreamland Extended Edition
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVG Secure Search" = AVG Security Toolbar
"BFGC" = Big Fish Games: Game Manager
"BFG-Empress of the Deep 2 - Der Gesang des Blauwals Sammleredition" = Empress of the Deep 2: Der Gesang des Blauwals Sammleredition
"conduitEngine" = Conduit Engine
"DSGPlayer" = RTL GAME CENTER
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Glary Utilities_is1" = Glary Utilities 2.38.0.1288
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"RegClean Pro_is1" = RegClean Pro
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 1.1.11
"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.01.2012 02:42:52 | Computer Name = *** | Source = EventSystem | ID = 4609
Description =

Error - 22.01.2012 03:04:50 | Computer Name = *** | Source = System Restore | ID = 8193
Description =

Error - 22.01.2012 03:41:50 | Computer Name = *** | Source = EventSystem | ID = 4609
Description =

Error - 22.01.2012 03:44:19 | Computer Name = *** | Source = WerSvc | ID = 5007
Description =

Error - 22.01.2012 04:00:26 | Computer Name = *** | Source = EventSystem | ID = 4621
Description =

Error - 22.01.2012 06:54:49 | Computer Name = *** | Source = EventSystem | ID = 4621
Description =

Error - 22.01.2012 07:47:00 | Computer Name = *** | Source = WerSvc | ID = 5007
Description =

Error - 22.01.2012 07:55:04 | Computer Name = *** | Source = EventSystem | ID = 4609
Description =

Error - 22.01.2012 08:57:08 | Computer Name = *** | Source = EventSystem | ID = 4609
Description =

Error - 22.01.2012 09:15:20 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 131584
Description =

[ System Events ]
Error - 22.01.2012 09:17:49 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description =

Error - 22.01.2012 09:17:49 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description =

Error - 22.01.2012 09:17:49 | Computer Name = *** | Source = Service Control Manager | ID = 7001
Description =

Error - 22.01.2012 09:17:49 | Computer Name = *** | Source = Service Control Manager | ID = 7026
Description =

Error - 22.01.2012 09:36:29 | Computer Name = *** | Source = DCOM | ID = 10005
Description =

Error - 22.01.2012 09:51:43 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 22.01.2012 um 14:43:32 unerwartet heruntergefahren.

Error - 22.01.2012 09:52:08 | Computer Name = *** | Source = DCOM | ID = 10005
Description =

Error - 22.01.2012 09:52:16 | Computer Name = *** | Source = DCOM | ID = 10005
Description =

Error - 22.01.2012 09:52:19 | Computer Name = *** | Source = DCOM | ID = 10005
Description =

Error - 22.01.2012 09:52:19 | Computer Name = *** | Source = DCOM | ID = 10005
Description =

< End of report >
Hi,

1. Why has your Windows never seen any updates?
2. otl.txt is missing, please post it as well :-)