Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: 50€-Virus: Betriebssystem blockiert

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.03.2012, 19:20   #1
schubi1973ja
 
50€-Virus: Betriebssystem blockiert - Standard

50€-Virus: Betriebssystem blockiert



OTL Extras logfile created on: 22.03.2012 20:07:41 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Schubi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,87 Gb Total Physical Memory | 3,16 Gb Available Physical Memory | 81,74% Memory free
7,73 Gb Paging File | 7,05 Gb Available in Paging File | 91,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 119,87 Gb Free Space | 51,49% Space Free | Partition Type: NTFS

Computer Name: SCHUBI-PC | User Name: Schubi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe (Macromedia, Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe (Macromedia, Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 4\Dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{3D42871F-4A1E-82E5-9494-3012BA3084F2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D149210-AC22-4B88-AC49-076F55300E49}" = Studio Manager 64bit
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6FCA487B-89F0-4378-E1BC-91B81BCD8C98}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E3EC7FC4-B4BF-4911-9A43-F7C753CE03F5}" = AVG 2012
"{ED96A4F2-C990-0C70-33FA-AE213E8697C0}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2012
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B247BF7-D393-1855-C8B3-66DED90DCCB6}" = Catalyst Control Center
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{15219EE8-4DCC-C6C5-CB04-351D4DD72ACF}" = Catalyst Control Center InstallProxy
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{215B1474-430F-4829-9209-17308E568364}_is1" = Virtual DJ 8.0 Evolution
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39286675-3166-9420-2336-779493021964}" = 18 WoS: Voll aufs Gas
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{442CB906-7844-E2F5-A2EB-90D44C0BF2DF}" = Catalyst Control Center Localization All
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D149210-AC22-4B88-AC49-076F55300E49}" = Studio Manager 64bit
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{67D30650-3501-66ED-265A-20870A20A689}" = CCC Help English
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C
"{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}" = Video Web Camera
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FAEAEC0-9E27-492F-AFB9-9D905B2779BE}" = MAGIX Web Designer 6
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95FCC2AB-5D4C-4E6A-BB96-3A80F20D536A}" = Yamaha LS9 Editor
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9ED6CB60-E456-4C5F-8CB1-3ABDFEB4E1B3}" = MAGIX Website Maker 5
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78A5C61-2397-407E-A41F-0A0FFAD2572F}" = TubeBox!
"{A8833100-1481-11D4-9731-00C04F8EEB39}" = Macromedia Fireworks 4
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAC3B914-9A96-4097-A5C7-7BF0CAD679D3}" = TransportGigant
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46C9803-46C6-4F41-93EF-679601402A40}" = Digidesign Command8
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB8BEF4C-E2B8-725E-F84A-AF6D1E4C8960}" = Catalyst Control Center Graphics Previews Common
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Any Video Converter_is1" = Any Video Converter 3.3.0
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"EA Installer.-1797597899" = EA Installer
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"grandMA3D_6_V2.4.1" = grandMA 3D 6 [2.4.1][6.6] v6.0.19.3976
"HandyBits EasyCrypto Deluxe" = HandyBits EasyCrypto Deluxe
"InstallShield_{4D149210-AC22-4B88-AC49-076F55300E49}" = Studio Manager 64bit
"InstallShield_{95FCC2AB-5D4C-4E6A-BB96-3A80F20D536A}" = Yamaha LS9 Editor
"MAGIX Digital Foto Maker 9 D" = MAGIX Digital Foto Maker 9
"MAGIX Online Druck Service D" = MAGIX Online Druck Service
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6
"MAGIX_MSI_Web_Designer_6" = MAGIX Web Designer 6
"MAGIX_MSI_Website_Maker_5" = MAGIX Website Maker 5
"MixPad" = MixPad Audiodatei-Mixer
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"MP4 Player" = MP4 Player
"mufin player D" = mufin player
"PokerStars" = PokerStars
"TeamViewer 7" = TeamViewer 7
"VirtualDJ" = VirtualDJ
"VLC media player" = VLC media player 2.0.0
"WavePad" = WavePad Audiobearbeitungs-Software
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.03.2012 13:03:06 | Computer Name = Schubi-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 22.03.2012 14:52:29 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 22.03.2012 14:52:32 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 22.03.2012 14:52:32 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 22.03.2012 14:52:32 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 22.03.2012 14:52:46 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 22.03.2012 14:52:46 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 22.03.2012 14:52:46 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 22.03.2012 14:52:46 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 22.03.2012 14:52:46 | Computer Name = Schubi-PC | Source = Windows Search Service | ID = 7042
Description =

[ Media Center Events ]
Error - 16.03.2012 18:04:02 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 23:04:02 - Fehler beim Herstellen der Internetverbindung. 23:04:02
- Serververbindung konnte nicht hergestellt werden..

Error - 16.03.2012 18:04:08 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 23:04:07 - Fehler beim Herstellen der Internetverbindung. 23:04:07
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 15:40:16 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 20:40:16 - Fehler beim Herstellen der Internetverbindung. 20:40:16
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 15:40:29 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 20:40:21 - Fehler beim Herstellen der Internetverbindung. 20:40:22
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 16:40:34 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 21:40:34 - Fehler beim Herstellen der Internetverbindung. 21:40:34
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 16:40:41 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 21:40:39 - Fehler beim Herstellen der Internetverbindung. 21:40:39
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 17:40:45 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 22:40:45 - Fehler beim Herstellen der Internetverbindung. 22:40:45
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 17:40:52 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 22:40:50 - Fehler beim Herstellen der Internetverbindung. 22:40:50
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 18:40:56 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 23:40:56 - Fehler beim Herstellen der Internetverbindung. 23:40:56
- Serververbindung konnte nicht hergestellt werden..

Error - 18.03.2012 18:41:03 | Computer Name = Schubi-PC | Source = MCUpdate | ID = 0
Description = 23:41:01 - Fehler beim Herstellen der Internetverbindung. 23:41:01
- Serververbindung konnte nicht hergestellt werden..

[ System Events ]
Error - 22.03.2012 15:02:12 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:02:12 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:02:44 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:02:44 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:02:44 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:04:14 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:04:14 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:04:14 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:04:52 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 22.03.2012 15:04:52 | Computer Name = Schubi-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068


< End of report >

OTL logfile created on: 22.03.2012 20:07:41 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Schubi\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,87 Gb Total Physical Memory | 3,16 Gb Available Physical Memory | 81,74% Memory free
7,73 Gb Paging File | 7,05 Gb Available in Paging File | 91,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 119,87 Gb Free Space | 51,49% Space Free | Partition Type: NTFS

Computer Name: SCHUBI-PC | User Name: Schubi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Schubi\Downloads\OTL.exe (OldTimer Tools)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)


========== Driver Services (SafeList) ==========

DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E1 8A 40 57 A3 E1 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "BingSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.startfenster.com"
FF - prefs.js..keyword.URL: "hxxp://rs.mediapimp.com/s/?src=addrbar&browser=ff&category=web&partner_id=229&toolbar_id=3&toolbar_version=6.0&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Schubi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.02.01 11:33:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.22 16:25:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.24 11:16:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ [2011.12.29 08:35:37 | 000,000,000 | ---D | M]

[2011.10.12 13:47:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schubi\AppData\Roaming\mozilla\Extensions
[2012.03.22 16:32:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions
[2012.02.13 16:12:54 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.12.29 17:45:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.11.09 22:03:56 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2011.11.12 09:44:13 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions\DefaultManager@Microsoft
[2011.12.24 23:57:24 | 000,000,000 | ---D | M] ("GreenWebPlayer") -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions\greenwebplayer@greentube.com
[2012.03.22 16:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions\staged
[2012.03.05 15:14:05 | 000,000,000 | ---D | M] (Download Youtube Videos +) -- C:\Users\Schubi\AppData\Roaming\mozilla\Firefox\Profiles\czkftkbz.default\extensions\video.downloader.plugin@ffpimp.com
[2011.11.09 21:48:21 | 000,000,917 | ---- | M] () -- C:\Users\Schubi\AppData\Roaming\Mozilla\Firefox\Profiles\czkftkbz.default\searchplugins\bingsearch.xml
[2012.02.15 18:03:18 | 000,002,422 | ---- | M] () -- C:\Users\Schubi\AppData\Roaming\Mozilla\Firefox\Profiles\czkftkbz.default\searchplugins\s-amazon-byskipity-de.xml
[2012.02.13 16:14:48 | 000,002,135 | ---- | M] () -- C:\Users\Schubi\AppData\Roaming\Mozilla\Firefox\Profiles\czkftkbz.default\searchplugins\s-amazon-de.xml
[2011.12.12 15:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.12 15:08:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\SCHUBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZKFTKBZ.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\SCHUBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZKFTKBZ.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\SCHUBI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZKFTKBZ.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012.03.22 16:25:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.03.22 16:25:33 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.22 16:25:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.22 16:25:33 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.22 16:25:33 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.22 16:25:33 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.22 16:25:33 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Schubi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MP4 Player] C:\Program Files (x86)\MP4 Player\mp4Player.exe ()
O4 - HKCU..\Run: [SkypePM] C:\Users\Schubi\AppData\Local\Skype\SkypePM.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Update Service] C:\PROGRA~2\COMMON~1\TEKNUM~1\update.exe /startup File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8C6CCF1-C8A0-4D18-8192-A4246B506D5B}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4bdee9f2-5036-11e1-8514-1c75081dd8d4}\Shell - "" = AutoRun
O33 - MountPoints2\{4bdee9f2-5036-11e1-8514-1c75081dd8d4}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.03.18 18:29:57 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\halm gaby
[2012.03.17 18:18:32 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\Neuer Ordner (3)
[2012.03.17 18:08:18 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.03.17 18:08:17 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.03.17 18:08:16 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.03.16 10:07:09 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.03.16 10:07:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.03.16 10:07:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.03.16 10:07:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.03.16 10:06:32 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.03.16 10:06:32 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.03.16 09:57:34 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\Soundcheck
[2012.03.08 18:53:19 | 000,000,000 | ---D | C] -- C:\Users\Schubi\AppData\Roaming\vlc
[2012.03.08 18:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.03.08 18:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.03.08 18:51:32 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\eraffeschubi
[2012.03.08 18:49:23 | 129,700,241 | ---- | C] (MA Lighting Technology GmbH) -- C:\Users\Schubi\Desktop\gMA3D_[2.0.0][6.6]_v6.0.16.1081.exe
[2012.03.05 19:29:48 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\Neuer Ordner (2)
[2012.02.27 19:44:24 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Documents\18 WoS Pedal to the Metal
[2012.02.27 19:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 WoS Voll aufs Gas
[2012.02.27 19:34:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\rondomedia
[2012.02.27 19:34:33 | 000,268,048 | ---- | C] (MetaCreations Corporation) -- C:\Windows\SysWow64\dxtmeta2.dll
[2012.02.26 21:19:59 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\Dautenwinden
[2012.02.25 14:13:25 | 000,000,000 | ---D | C] -- C:\Users\Schubi\AppData\Local\MAGIX
[2012.02.24 15:03:08 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\Programme
[2012.02.24 15:01:40 | 000,000,000 | ---D | C] -- C:\Users\Schubi\Desktop\Fotos & Videos & Audio
[2011.03.13 00:23:30 | 109,029,696 | ---- | C] (Atomix Productions ) -- C:\Users\Schubi\AppData\Roaming\Setup.exe

========== Files - Modified Within 30 Days ==========

[2012.03.22 19:59:44 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.22 19:59:44 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.22 19:59:44 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.22 19:59:44 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.22 19:59:44 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.22 19:55:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.22 19:55:06 | 3113,254,912 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.22 17:31:59 | 000,015,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 17:31:59 | 000,015,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 16:26:40 | 092,425,518 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012.03.20 16:20:02 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3067068837-792067812-3482183406-1000UA.job
[2012.03.20 12:33:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3067068837-792067812-3482183406-1000Core.job
[2012.03.19 18:07:47 | 000,378,734 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012.03.18 05:23:03 | 000,326,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.03.16 10:04:15 | 000,003,053 | ---- | M] () -- C:\Users\Schubi\Desktop\TubeBox! starten.lnk
[2012.03.08 18:52:49 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

========== Files Created - No Company Name ==========

[2012.03.16 10:01:41 | 000,003,053 | ---- | C] () -- C:\Users\Schubi\Desktop\TubeBox! starten.lnk
[2012.03.08 18:52:49 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.02.03 16:05:09 | 000,001,099 | ---- | C] () -- C:\Users\Schubi\AppData\Roaming\ShiftN.ini
[2012.01.30 16:31:19 | 000,000,036 | ---- | C] () -- C:\Windows\TSNPL.dat
[2012.01.30 16:31:18 | 000,001,636 | ---- | C] () -- C:\Windows\SysWow64\tsdigsgn.dat
[2012.01.15 18:52:38 | 000,000,036 | -H-- | C] () -- C:\Users\Schubi\AppData\Roaming\swk.ini
[2011.12.11 14:49:56 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.12.11 14:44:39 | 000,032,257 | ---- | C] () -- C:\Windows\maxlink.ini
[2011.11.08 17:57:08 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2011.11.08 17:55:37 | 000,000,617 | ---- | C] () -- C:\Windows\eReg.dat
[2011.10.12 20:38:19 | 000,002,623 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.10.12 20:35:08 | 000,373,248 | ---- | C] () -- C:\Windows\EyeCand3.INI
[2011.10.12 14:51:30 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2011.10.12 14:51:30 | 000,051,712 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2011.10.12 14:51:30 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2011.10.12 14:51:30 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2011.10.12 14:40:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.29 18:12:02 | 004,648,960 | ---- | C] () -- C:\Windows\SysWow64\ls9-qt-mt336.dll
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2011.11.12 10:26:04 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\AnvSoft
[2012.03.20 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\Applian FLV and Media Player
[2011.10.12 15:07:13 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\AVG2012
[2012.02.21 15:57:33 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\Canneverbe Limited
[2012.01.04 19:58:58 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\CARCAS~1
[2012.02.02 16:06:57 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\Downloaded Installations
[2011.10.28 08:41:34 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\Jens Lorek
[2012.01.04 19:58:58 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\KochMedia
[2011.11.16 18:33:32 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\MA Lighting Technologies
[2012.02.03 16:04:11 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\MAGIX
[2012.02.21 15:57:22 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\OpenCandy
[2011.10.25 18:10:30 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\OpenOffice.org
[2012.01.21 18:09:31 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\ScanSoft
[2011.10.24 11:16:55 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\Thunderbird
[2011.10.20 20:08:01 | 000,000,000 | ---D | M] -- C:\Users\Schubi\AppData\Roaming\Windows Live Writer
[2012.03.20 12:33:01 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3067068837-792067812-3482183406-1000Core.job
[2012.03.20 16:20:02 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3067068837-792067812-3482183406-1000UA.job
[2009.07.14 06:08:49 | 000,008,190 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Alt 22.03.2012, 19:24   #2
markusg
/// Malware-holic
 
50€-Virus: Betriebssystem blockiert - Standard

50€-Virus: Betriebssystem blockiert



guten tag, so viel zeit muss schon sein...

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [SkypePM] C:\Users\Schubi\AppData\Local\Skype\SkypePM.exe (Microsoft Corporation)

 :Files
C:\Users\Schubi\AppData\Local\Skype
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

danke für den upload.
weiter gehts:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.
  • Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
    Tool

    Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Hinweis:
    Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  • Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.
__________________

__________________

Antwort

Themen zu 50€-Virus: Betriebssystem blockiert
adobe, any video converter, autorun, avg, bho, blockiert, converter, error, explorer, fehler, flash player, format, helper, home, install.exe, langs, limited.com/facebook, logfile, mozilla, mozilla thunderbird, msiinstaller, msn deutschland, object, realtek, registry, rundll, scan, searchscopes, security, server, software, tubebox, usb, usb 2.0, visual studio, windows



Ähnliche Themen: 50€-Virus: Betriebssystem blockiert


  1. Kann ein Virus auf ein anderes Betriebssystem übergehen?
    Plagegeister aller Art und deren Bekämpfung - 22.03.2015 (9)
  2. 50 € Virus blockiert Betriebssystem
    Plagegeister aller Art und deren Bekämpfung - 21.04.2012 (10)
  3. virus- illegale wondowskopie- betriebssystem gesperrt
    Log-Analyse und Auswertung - 11.04.2012 (1)
  4. (2x) virus- betriebssystem gesperrt mit zahlungsaufforderung...
    Mülltonne - 11.04.2012 (1)
  5. 50€-Virus: Betriebssystem blockiert
    Plagegeister aller Art und deren Bekämpfung - 05.04.2012 (21)
  6. 50€ Virus- Betriebssystem geperrt
    Plagegeister aller Art und deren Bekämpfung - 15.03.2012 (11)
  7. 50€ AKM Virus - mit zweitem Betriebssystem entfernen?
    Plagegeister aller Art und deren Bekämpfung - 04.03.2012 (1)
  8. "Aus Sicherheitsgründen wird ihr Betriebssystem blockiert"
    Log-Analyse und Auswertung - 04.03.2012 (9)
  9. Betriebssystem blockiert...updates für 50euro downloaden
    Log-Analyse und Auswertung - 05.02.2012 (1)
  10. Windows Betriebssystem blockiert-50€ Strafe Kritische Grenze Bitte um eure Hilfe Danke :)
    Plagegeister aller Art und deren Bekämpfung - 22.01.2012 (1)
  11. Windows Betriebssystem blockiert-50€ Strafe
    Plagegeister aller Art und deren Bekämpfung - 19.01.2012 (32)
  12. 50 € für Update-Virus, der mein Betriebssystem blockiert
    Log-Analyse und Auswertung - 18.01.2012 (1)
  13. Trojaner:"Aus Sicherheitsgründen wurde ihr Betriebssystem blockiert...."
    Plagegeister aller Art und deren Bekämpfung - 18.01.2012 (28)
  14. #Betriebssystem blockiert,50€ zahlen zum runterladen!
    Plagegeister aller Art und deren Bekämpfung - 07.01.2012 (9)
  15. Aus sicherheitsgründen wurde ihr betriebssystem blockiert
    Log-Analyse und Auswertung - 05.01.2012 (18)
  16. Ebenfalls diesen Fehler ''Aus sicherheitsgründen wurde ihr betriebssystem blockiert''
    Log-Analyse und Auswertung - 03.01.2012 (21)
  17. Virus, Trojaner oder defektes Betriebssystem?
    Log-Analyse und Auswertung - 26.07.2005 (0)

Zum Thema 50€-Virus: Betriebssystem blockiert - OTL Extras logfile created on: 22.03.2012 20:07:41 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Schubi\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - - 50€-Virus: Betriebssystem blockiert...
Archiv
Du betrachtest: 50€-Virus: Betriebssystem blockiert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.