Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: "Aus Sicherheitsgründen wurde Ihr Windows-System blockiert"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 08.12.2011, 23:55   #1
pataki
 
"Aus Sicherheitsgründen wurde Ihr Windows-System blockiert" - Standard

"Aus Sicherheitsgründen wurde Ihr Windows-System blockiert"



Hey,
bekomme die gleiche Meldung wie einige andere hier von wegen mein System wurde wegen pornographischer Seiten blockiert und ich soll Geld bezahlen. Hab nun wie beschrieben OTL durchlaufen lassen und Folgendes an logfiles (?) herausbekommen:

OTL logfile created on: 08.12.2011 23:44:18 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,96 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 79,46% Memory free
6,12 Gb Paging File | 5,67 Gb Available in Paging File | 92,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 29,61 Gb Free Space | 22,04% Space Free | Partition Type: NTFS
Drive D: | 1,88 Gb Total Space | 1,73 Gb Free Space | 91,71% Space Free | Partition Type: FAT
Drive E: | 14,65 Gb Total Space | 5,30 Gb Free Space | 36,16% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Winona | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\OTL.exe (OldTimer Tools)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe ()
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe ()
SRV:64bit: - (wltrysvc) -- C:\Windows\SysNative\WLTRYSVC.EXE ()
SRV:64bit: - (yksvc) -- C:\Windows\SysNative\rundll32.exe ()
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys ()
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys ()
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys ()
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys ()
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys ()
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys ()
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys ()
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys ()
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys ()
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\DRIVERS\ewusbdev.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys ()
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys ()
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys ()
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\BCM42RLY.sys ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys ()
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys ()
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys ()
DRV:64bit: - (e1express) Intel(R) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys ()
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys ()
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys ()

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tagesschau.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.7.1: C:\Users\Winona\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)



Hosts file not found
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20110113190639.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg64.dll (Google Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110113190639.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe ()
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [{D10FAEFA-A63C-11DE-B098-806E6F6E6963}] C:\Users\Winona\AppData\Roaming\Microsoft\svhcost.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun File not found
O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - Startup: C:\Users\Winona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Winona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Winona\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Winona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nikon Monitor.lnk = C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Winona\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Winona\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E522F9E-6D69-4392-BD7C-B3AA8494080E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A01B1734-56DB-4309-B354-B5479DAA1351}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8C52D0C-C9FD-4DB5-8532-58F270898441}: DhcpNameServer = 193.189.244.225 193.189.244.206
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll ()
O20 - Winlogon\Notify\fdewuqe: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\fdewuqe.dll) - C:\Windows\SysWOW64\config\systemprofile\AppData\Local\fdewuqe.dll ()
O20 - Winlogon\Notify\yimhsay: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\yimhsay.dll) - C:\Windows\SysWOW64\config\systemprofile\AppData\Local\yimhsay.dll ()
O24 - Desktop WallPaper: C:\Users\Winona\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Winona\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.04.30 23:01:00 | 000,000,053 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{53d75bee-f4d6-11e0-b4c4-0025645f69a3}\Shell - "" = AutoRun
O33 - MountPoints2\{53d75bee-f4d6-11e0-b4c4-0025645f69a3}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{53d75bfe-f4d6-11e0-b4c4-0025645f69a3}\Shell - "" = AutoRun
O33 - MountPoints2\{53d75bfe-f4d6-11e0-b4c4-0025645f69a3}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.12.08 23:43:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.11.26 23:26:46 | 000,000,000 | ---D | C] -- C:\Users\Winona\.tuxguitar-1.2
[2011.11.26 15:44:55 | 000,000,000 | ---D | C] -- C:\Windows\system64

========== Files - Modified Within 30 Days ==========

[2011.12.08 23:46:14 | 001,439,526 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.08 23:46:14 | 000,632,850 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.08 23:46:14 | 000,586,568 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.08 23:46:14 | 000,127,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.08 23:46:14 | 000,100,640 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.08 23:41:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.08 23:40:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.08 23:40:45 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.08 23:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At48.job
[2011.12.08 23:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At47.job
[2011.12.08 23:29:07 | 000,000,433 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011.12.08 23:28:51 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.08 23:12:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.08 22:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At46.job
[2011.12.08 22:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At45.job
[2011.12.08 17:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At35.job
[2011.12.08 17:32:59 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At36.job
[2011.12.08 01:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011.12.08 01:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011.12.08 00:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011.12.08 00:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011.12.07 21:56:57 | 004,992,940 | ---- | M] () -- C:\Users\Winona\catastrophe.MP3
[2011.12.07 21:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At44.job
[2011.12.07 21:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At43.job
[2011.12.07 14:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At30.job
[2011.12.07 14:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At29.job
[2011.12.06 20:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At41.job
[2011.12.06 20:32:59 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At42.job
[2011.12.05 13:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At28.job
[2011.12.05 13:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At27.job
[2011.12.05 02:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At6.job
[2011.12.05 02:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011.12.04 19:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At40.job
[2011.12.04 19:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At39.job
[2011.12.04 18:33:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At38.job
[2011.12.04 18:33:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At37.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At8.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At34.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At32.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At26.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At24.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At22.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At20.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At18.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011.12.02 12:37:57 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At7.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At33.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At31.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At25.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At23.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At21.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At19.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At17.job
[2011.12.02 12:37:57 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011.12.02 12:37:56 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At12.job
[2011.12.02 12:37:56 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\At10.job
[2011.12.02 12:37:56 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At13.job
[2011.12.02 12:37:56 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011.12.01 23:45:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\1lEU0iGc.com.b
[2011.12.01 23:44:44 | 000,116,224 | ---- | M] () -- C:\Windows\SysWow64\1lEU0iGc.com_
[2011.12.01 23:44:44 | 000,000,112 | ---- | M] () -- C:\ProgramData\744PE0G.dat
[2011.11.26 22:26:12 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.13 21:36:34 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk

========== Files Created - No Company Name ==========

[2011.12.07 21:56:51 | 004,992,940 | ---- | C] () -- C:\Users\Winona\catastrophe.MP3
[2011.12.01 23:45:30 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\1lEU0iGc.com.b
[2011.12.01 23:42:39 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At48.job
[2011.12.01 23:42:39 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At46.job
[2011.12.01 23:42:39 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At47.job
[2011.12.01 23:42:39 | 000,000,112 | ---- | C] () -- C:\ProgramData\744PE0G.dat
[2011.12.01 23:42:38 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At44.job
[2011.12.01 23:42:38 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At42.job
[2011.12.01 23:42:38 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At40.job
[2011.12.01 23:42:38 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At38.job
[2011.12.01 23:42:38 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At45.job
[2011.12.01 23:42:38 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At43.job
[2011.12.01 23:42:38 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At41.job
[2011.12.01 23:42:38 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At39.job
[2011.12.01 23:42:38 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At37.job
[2011.12.01 23:42:37 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At36.job
[2011.12.01 23:42:37 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At34.job
[2011.12.01 23:42:37 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At32.job
[2011.12.01 23:42:37 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At30.job
[2011.12.01 23:42:37 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At35.job
[2011.12.01 23:42:37 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At33.job
[2011.12.01 23:42:37 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At31.job
[2011.12.01 23:42:37 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At29.job
[2011.12.01 23:42:36 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At28.job
[2011.12.01 23:42:36 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At26.job
[2011.12.01 23:42:36 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At24.job
[2011.12.01 23:42:36 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At22.job
[2011.12.01 23:42:36 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At20.job
[2011.12.01 23:42:36 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At27.job
[2011.12.01 23:42:36 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At25.job
[2011.12.01 23:42:36 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At23.job
[2011.12.01 23:42:36 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At21.job
[2011.12.01 23:42:36 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At19.job
[2011.12.01 23:42:35 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At18.job
[2011.12.01 23:42:35 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At16.job
[2011.12.01 23:42:35 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At14.job
[2011.12.01 23:42:35 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At12.job
[2011.12.01 23:42:35 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At10.job
[2011.12.01 23:42:35 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At9.job
[2011.12.01 23:42:35 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At17.job
[2011.12.01 23:42:35 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At15.job
[2011.12.01 23:42:35 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At13.job
[2011.12.01 23:42:35 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At11.job
[2011.12.01 23:42:34 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At8.job
[2011.12.01 23:42:34 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At6.job
[2011.12.01 23:42:34 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At4.job
[2011.12.01 23:42:34 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011.12.01 23:42:34 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At7.job
[2011.12.01 23:42:34 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At5.job
[2011.12.01 23:42:34 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011.12.01 23:42:33 | 000,116,224 | ---- | C] () -- C:\Windows\SysWow64\1lEU0iGc.com_
[2011.12.01 23:42:33 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011.11.13 21:36:34 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011.10.07 01:28:28 | 000,000,000 | ---- | C] () -- C:\Users\Winona\AppData\Roaming\TS3Patch.lck
[2011.01.19 11:33:52 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.01.10 18:54:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.14 18:48:57 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.11.14 18:48:57 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7030.DAT
[2010.11.14 18:42:49 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2010.11.14 18:39:45 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2010.08.07 13:26:40 | 000,001,050 | ---- | C] () -- C:\Windows\eReg.dat
[2010.04.18 16:09:08 | 000,000,680 | ---- | C] () -- C:\Users\Winona\AppData\Local\d3d9caps.dat
[2009.10.25 15:17:33 | 000,007,168 | ---- | C] () -- C:\Users\Winona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.29 22:41:23 | 000,000,122 | ---- | C] () -- C:\Windows\ViewNX.INI
[2009.09.29 22:25:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Image Manipulation
[2009.09.29 22:25:11 | 000,000,268 | RH-- | C] () -- C:\Users\Winona\AppData\Roaming\Hybrid Morph
[2009.09.29 22:25:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2009.09.29 22:25:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Internet Services
[2009.09.29 22:19:47 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Icons
[2009.09.29 22:19:47 | 000,000,268 | RH-- | C] () -- C:\Users\Winona\AppData\Roaming\Hybrid Basic
[2009.09.29 22:19:47 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009.09.29 22:19:47 | 000,000,012 | RH-- | C] () -- C:\ProgramData\InkjetPrinter
[2009.09.21 07:56:52 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.09.21 07:56:51 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.09.21 07:56:51 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.09.21 07:56:51 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.04.30 11:52:55 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.04.30 11:52:55 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006.11.02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

< End of report >

und:

OTL Extras logfile created on: 08.12.2011 23:44:18 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,96 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 79,46% Memory free
6,12 Gb Paging File | 5,67 Gb Available in Paging File | 92,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 29,61 Gb Free Space | 22,04% Space Free | Partition Type: NTFS
Drive D: | 1,88 Gb Total Space | 1,73 Gb Free Space | 91,71% Space Free | Partition Type: FAT
Drive E: | 14,65 Gb Total Space | 5,30 Gb Free Space | 36,16% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Winona | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DE6A74F-7BBE-4D57-88F5-64D38E523981}" = lport=2869 | protocol=6 | dir=in | app=system |
"{11C39C34-ADD6-4F6B-95A2-E4621530BCE5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{121908D2-1691-496D-948E-108DA4A41433}" = lport=2869 | protocol=6 | dir=in | app=system |
"{64A35FDE-E90D-4E89-81A2-D30F7CC461D5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{64B5AA1C-6FAA-4F65-95E7-C571A8AB259C}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{80621A4F-E90D-49C3-97E0-CC0E49AD9F03}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A78A1A15-813F-4B03-A7FA-2644082B8FB0}" = rport=2869 | protocol=6 | dir=out | app=system |
"{AA847A43-572A-487C-8918-35D8F859BFAA}" = lport=80 | protocol=6 | dir=in | name=minecraft |
"{C2846B4C-90D4-4093-BE0A-F28CCA4D14B5}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E1E09CE2-481F-4A80-B636-88E10113E692}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F83862E7-3C91-47E4-B8E5-B3B39419F304}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C44EB8-B8CB-4545-A92F-5F0BECAC0F72}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{0739852D-4347-4AFA-BF6D-0C889AF29F80}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{33C8493A-50A6-4F74-92E8-17798EAE9961}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{3A2A75ED-1FD0-41E0-845A-638FB3D07253}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4A223A8A-FECA-4389-A157-0F85E429B315}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{607170A7-D9E3-4F85-984E-EA246CA08715}" = protocol=17 | dir=in | app=c:\users\winona\appdata\roaming\dropbox\bin\dropbox.exe |
"{65A185EA-9984-4739-BE76-1FA3387A5152}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95D51404-B92C-4DCF-9654-BDE36AF53A00}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A5F7DC96-E6E9-439C-9A49-9BCFA1D989EB}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{A8677778-7117-4CB6-B551-087629EE825E}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{BA95E8BA-A4FD-4529-A92B-82D07D7E90AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C9D9996F-7B27-4F8F-A163-2F1B829123A0}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D0C24BF4-6750-406F-9975-C63C604532A8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D1859B60-8A58-4D3B-8407-7AE0072A913D}" = protocol=6 | dir=in | app=c:\users\winona\appdata\roaming\dropbox\bin\dropbox.exe |
"{D5E73061-9247-45DE-A789-857F108ED346}" = protocol=17 | dir=in | app=c:\users\winona\desktop\minecraft-server\minecraft_server.exe |
"{D9CACEA4-5658-4B1F-86A9-213685A614ED}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E43BDEE7-507B-4110-A91C-5CB1BB5BEBD1}" = protocol=6 | dir=in | app=c:\users\winona\desktop\minecraft-server\minecraft_server.exe |
"{E9CCD93A-D566-4BA4-8E4A-CE3241F81B0A}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{FA5C6D79-3632-4D29-8F0D-003A2F8119C2}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{FADE5D7F-A9B4-4C42-8681-63DC715D17B6}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"TCP Query User{93231564-F971-4496-8366-DC9CA3DDA895}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{9CD0ED03-1553-4B49-A2EF-4F38E3BEA34B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{500E4C97-A2B0-4BD4-A3DC-8FB1DDCCB324}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{FC49574C-DF6B-44E9-BCD5-3A55A7FB5ECB}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{452473D3-1D26-4E61-8060-3B216620D60C}_is1" = Fahren Lernen Offline 1.2
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{566BAEC0-74CB-4ACC-9E18-8779AC974FB0}" = Windows Live Toolbar
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{91EE186F-D7A8-4B89-BF15-9C7427CAB47B}_is1" = Beamer Sound to Light 0.15 Alpha
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}" = Die Sims - Hokus Pokus
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{B5BCBD49-202F-4238-8398-D83D423A48B4}" = Windows Live Anmelde-Assistent
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Chicken Invaders 2_is1" = Chicken Invaders 2 v2.40
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"LastFM_is1" = Last.fm 1.5.4.27091
"Mobile Partner" = Mobile Partner
"MSC" = McAfee SecurityCenter
"Origin" = Origin
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Models of the Hydrogen Atom" = Models of the Hydrogen Atom
"TuxGuitar" = TuxGuitar
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.7.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29.11.2011 15:29:00 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 29.11.2011 15:30:24 | Computer Name = Computer | Source = WinMgmt | ID = 10
Description =

Error - 29.11.2011 15:42:47 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 29.11.2011 16:22:37 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 29.11.2011 19:41:57 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 30.11.2011 07:39:36 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 30.11.2011 07:40:13 | Computer Name = Computer | Source = WinMgmt | ID = 10
Description =

Error - 30.11.2011 07:50:37 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 30.11.2011 08:01:07 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 30.11.2011 08:28:14 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ System Events ]
Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7026
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:43:23 | Computer Name = Computer | Source = Service Control Manager | ID = 7001
Description =

Error - 08.12.2011 18:46:02 | Computer Name = Computer | Source = DCOM | ID = 10005
Description =


< End of report >


Ich bin absoluter Laie, hab keine Ahnung, was das alles bedeutet, habe versucht, alles so zu machen wie in anderen Threads beschrieben und hoffe, dass mir jemand helfen kann!

Alt 09.12.2011, 12:32   #2
markusg
/// Malware-holic
 
"Aus Sicherheitsgründen wurde Ihr Windows-System blockiert" - Standard

"Aus Sicherheitsgründen wurde Ihr Windows-System blockiert"



combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.
__________________

__________________

Antwort

Themen zu "Aus Sicherheitsgründen wurde Ihr Windows-System blockiert"
64-bit, bho, blockiert, bonjour, browser, c:\windows\system32\rundll32.exe, converter, defender, error, flash player, format, geld, helper, home, install.exe, mp3, object, origin, phishing, plug-in, registry, rundll, scan, security, sicherheitsgründen wurde ihr windows-system blockiert, software, svchost.exe, system, udp, version=1.0, vista, windows-system blockiert, wlan, wurde ihr



Ähnliche Themen: "Aus Sicherheitsgründen wurde Ihr Windows-System blockiert"


  1. "Aus Sicherheitsgründen wurde ihr Windows System blockiert" - ?
    Log-Analyse und Auswertung - 24.02.2012 (1)
  2. "Achtung! Aus Sicherheitsgründen wurde Windows System blockiert"
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (8)
  3. "Achtung! Aus Sicherheitsgründen wurde Windows System blockiert"
    Log-Analyse und Auswertung - 14.02.2012 (1)
  4. Problem bei der Meldung "Aus sicherheitsgründen wurde ihr windows system blockiert!"
    Log-Analyse und Auswertung - 14.02.2012 (17)
  5. "Ihr Windows-System wurde aus Sicherheitsgründen blockiert"-Trojaner
    Log-Analyse und Auswertung - 07.01.2012 (10)
  6. Trojaner Win7 "aus Sicherheitsgründen wurde Ihr System blockiert"
    Log-Analyse und Auswertung - 06.01.2012 (1)
  7. "Aus Sicherheitsgründen wurde ihr WIndows System blockiert"
    Plagegeister aller Art und deren Bekämpfung - 30.12.2011 (34)
  8. "Aus Sicherheitsgründen wurde ihr System blockiert... bezahlen und downloaden..."
    Log-Analyse und Auswertung - 21.12.2011 (3)
  9. Fehlermeldung "Aus Sicherheitsgründen wurde ihr Windows System blockiert" bei Windows 7
    Log-Analyse und Auswertung - 18.12.2011 (10)
  10. schwarzer bildschirm mid dem satz "aus sicherheitsgründen wurde ihr windows system blockiert"
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (9)
  11. Schwarzer Bildschirm mit dem Satz "aus Sicherheitsgründen wurde ihr Windows system blockiert"
    Plagegeister aller Art und deren Bekämpfung - 14.12.2011 (2)
  12. Blockade durch "Achtung aus Sicherheitsgründen wurde ihr Windows System blockiert"
    Plagegeister aller Art und deren Bekämpfung - 10.12.2011 (1)
  13. "Achtung aus Sicherheitsgründen wurde ihr Windows System blockiert..."
    Plagegeister aller Art und deren Bekämpfung - 05.12.2011 (10)
  14. "Aus Sicherheitsgründen wurde ihr Windows System blockiert..." - HILFE
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (1)
  15. "Ihr System wurde aus Sicherheitsgründen blockiert" + Coolsearch + Tastatur Lock
    Plagegeister aller Art und deren Bekämpfung - 19.10.2011 (7)
  16. habe auch "Roter Bildschirm: "Ihr System wurde aus Sicherheitsgründen blockiert" "
    Plagegeister aller Art und deren Bekämpfung - 26.08.2011 (3)
  17. Roter Bildschirm: "Ihr System wurde aus Sicherheitsgründen blockiert"
    Plagegeister aller Art und deren Bekämpfung - 21.08.2011 (7)

Zum Thema "Aus Sicherheitsgründen wurde Ihr Windows-System blockiert" - Hey, bekomme die gleiche Meldung wie einige andere hier von wegen mein System wurde wegen pornographischer Seiten blockiert und ich soll Geld bezahlen. Hab nun wie beschrieben OTL durchlaufen lassen - "Aus Sicherheitsgründen wurde Ihr Windows-System blockiert"...
Archiv
Du betrachtest: "Aus Sicherheitsgründen wurde Ihr Windows-System blockiert" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.