Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error

ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error


Plagegeister aller Art und deren Bekämpfung: ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 07.11.2011, 23:21   #1
rocky13
 
ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error - Standard

ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error


Hi!

Da jede Logfile individuell ist hier meine (über OTL):

OTL logfile created on: 07.11.2011 22:51:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\***\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,75 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 48,64% Memory free
3,50 Gb Paging File | 2,41 Gb Available in Paging File | 68,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 183,15 Gb Free Space | 78,68% Space Free | Partition Type: NTFS

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Programme\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Programme\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
PRC - C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)


========== Modules (No Company Name) ==========

MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll ()
MOD - C:\Programme\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (EpsonBidirectionalService) -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111107.003\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111107.003\NAVENG.SYS (Symantec Corporation)
DRV - (SysPlant) -- C:\Windows\SYSTEM32\Drivers\SysPlant.sys (Symantec Corporation)
DRV - (WPS) -- C:\Windows\System32\drivers\WPSDRVnt.sys (Symantec Corporation)
DRV - (Teefer3) -- C:\Windows\System32\drivers\Teefer3.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys ()
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (WpsHelper) -- C:\Windows\System32\drivers\wpshelper.sys (Symantec Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SPBBCDrv) -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 84 0E B4 59 4F 27 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\npPDFXCviewNPPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.06.21 17:56:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.19 10:45:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.16 01:35:23 | 000,000,000 | ---D | M]

[2011.06.10 10:20:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.06.29 22:41:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.24 18:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.06.26 13:59:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.19 10:45:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.19 10:45:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.19 10:45:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.19 10:45:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.19 10:45:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.19 10:45:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.19 10:45:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Epson Stylus SX510W(Netzwerk)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON SX510W Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenVPN GUI.lnk = C:\Windows\System32\schtasks.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63257864-2AB1-49A0-8B7D-C24AA77C2701}: DhcpNameServer = 131.246.9.116 131.246.1.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF836780-8ABD-4B25-A3FB-915EA8E63D89}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ed9878ba-e5e9-11e0-8fe7-7af1a1f7899a}\Shell - "" = AutoRun
O33 - MountPoints2\{ed9878ba-e5e9-11e0-8fe7-7af1a1f7899a}\Shell\AutoRun\command - "" = F:\setup.exe -q
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.11.07 21:13:33 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\7-Zip
[2011.11.07 21:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.11.07 21:02:53 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.11.06 03:18:44 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
[2011.11.06 03:18:04 | 000,353,280 | -H-- | C] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
[2011.10.31 10:14:58 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.10.31 10:14:58 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.10.12 08:41:58 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.10.12 08:41:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.10.12 08:41:37 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.10.12 08:40:56 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.10.12 08:40:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.10.12 08:40:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.10.12 08:40:55 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.10.12 08:40:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

========== Files - Modified Within 30 Days ==========

[2011.11.07 22:49:41 | 000,005,060 | ---- | M] () -- C:\Users\***\Desktop\GMER.exe
[2011.11.07 22:29:21 | 000,019,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.07 22:29:21 | 000,019,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.07 22:20:12 | 000,000,242 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job
[2011.11.07 21:35:04 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2011.11.07 21:28:08 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2011.11.07 21:15:59 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\z02fypj9.exe
[2011.11.07 21:02:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.11.07 20:58:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.07 20:58:30 | 1407,848,448 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.07 10:28:26 | 000,154,799 | ---- | M] () -- C:\Users\***\Desktop\4b.jpg
[2011.11.07 10:27:51 | 001,658,939 | ---- | M] () -- C:\Users\***\Desktop\Foto0250.jpg
[2011.11.07 10:27:34 | 001,632,317 | ---- | M] () -- C:\Users\***\Desktop\Foto0249.jpg
[2011.11.07 10:27:17 | 001,730,853 | ---- | M] () -- C:\Users\***\Desktop\Foto0248.jpg
[2011.11.07 10:17:19 | 001,773,400 | ---- | M] () -- C:\Users\***\Desktop\Foto0004.jpg
[2011.11.07 10:16:52 | 001,993,697 | ---- | M] () -- C:\Users\***\Desktop\Foto0003.jpg
[2011.11.07 10:16:31 | 001,897,596 | ---- | M] () -- C:\Users\***\Desktop\Foto0002.jpg
[2011.11.07 09:52:32 | 000,001,021 | ---- | M] () -- C:\Users\***\Desktop\Dropbox.lnk
[2011.11.07 09:52:32 | 000,001,001 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.11.06 03:18:46 | 000,000,312 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.11.06 03:18:46 | 000,000,216 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.11.06 03:18:44 | 000,000,657 | -H-- | M] () -- C:\Users\***\Desktop\System Restore.lnk
[2011.11.06 03:18:29 | 000,000,336 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.11.06 03:18:04 | 000,353,280 | -H-- | M] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
[2011.11.03 13:35:26 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.03 13:35:26 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.03 13:35:26 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.03 13:35:26 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.15 17:58:55 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.10.15 01:51:38 | 000,294,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011.11.07 22:49:41 | 000,005,060 | ---- | C] () -- C:\Users\***\Desktop\GMER.exe
[2011.11.07 21:35:04 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2011.11.07 21:28:07 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2011.11.07 21:15:53 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\z02fypj9.exe
[2011.11.07 10:28:25 | 000,154,799 | ---- | C] () -- C:\Users\***\Desktop\4b.jpg
[2011.11.07 10:27:50 | 001,658,939 | ---- | C] () -- C:\Users\***\Desktop\Foto0250.jpg
[2011.11.07 10:27:33 | 001,632,317 | ---- | C] () -- C:\Users\***\Desktop\Foto0249.jpg
[2011.11.07 10:27:15 | 001,730,853 | ---- | C] () -- C:\Users\***\Desktop\Foto0248.jpg
[2011.11.07 10:17:18 | 001,773,400 | ---- | C] () -- C:\Users\***\Desktop\Foto0004.jpg
[2011.11.07 10:16:50 | 001,993,697 | ---- | C] () -- C:\Users\***\Desktop\Foto0003.jpg
[2011.11.07 10:16:29 | 001,897,596 | ---- | C] () -- C:\Users\***\Desktop\Foto0002.jpg
[2011.11.06 03:18:46 | 000,000,312 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.11.06 03:18:46 | 000,000,216 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.11.06 03:18:44 | 000,000,657 | -H-- | C] () -- C:\Users\***\Desktop\System Restore.lnk
[2011.11.06 03:18:29 | 000,000,336 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.09.13 16:16:31 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf05a.dat
[2011.09.13 16:05:14 | 000,027,114 | ---- | C] () -- C:\Windows\maxlink.ini
[2011.06.23 17:31:56 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.23 17:30:07 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.21 21:13:24 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011.06.21 21:13:24 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011.06.21 21:13:24 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011.06.21 21:13:24 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011.06.21 21:13:24 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011.06.21 21:13:24 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011.06.21 21:13:24 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011.06.21 21:13:24 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011.06.21 21:13:23 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011.06.21 21:13:23 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011.06.21 21:13:23 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011.06.21 21:13:23 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011.06.21 21:13:23 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011.06.21 21:13:23 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011.06.21 21:13:23 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011.06.21 21:13:23 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011.06.21 21:13:23 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011.06.21 21:13:23 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011.06.21 21:13:23 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011.06.12 02:16:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.08 16:44:32 | 000,287,352 | -H-- | C] () -- C:\Windows\System32\drivers\srtsp.sys
[2009.07.14 09:47:43 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,294,136 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.18 18:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002.03.04 09:16:34 | 000,110,592 | R--- | C] () -- C:\Windows\System32\Jpeg32.dll

< End of report >


und Extras:

OTL Extras logfile created on: 07.11.2011 22:51:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\***\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,75 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 48,64% Memory free
3,50 Gb Paging File | 2,41 Gb Available in Paging File | 68,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 183,15 Gb Free Space | 78,68% Space Free | Partition Type: NTFS

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{0D3CECCA-A589-ECCA-EC0B-2F98F2789F60}" = simfy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5E2E4797-502A-4FFD-81EC-F9BA8BF0C581}" = Symantec Endpoint Protection
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}" = Epson Printer Software Downloader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DivX Setup.divx.com" = DivX-Setup
"Epson Printer Software Downloader" = Epson Printer Software Downloader
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX510W_TX550W Benutzerhandbuch" = Epson Stylus SX510W_TX550W Handbuch
"EPSON SX510W Series" = EPSON SX510W Series Printer Uninstall
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"OpenVPN" = OpenVPN 2.1.1-gui-1.0.3
"Simfy" = simfy
"VLC media player" = VLC media player 1.1.10
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05.11.2011 22:14:02 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711725
Description = Symantec Manipulationsschutz-Warnung Ziel: C:\Program Files\Symantec\Symantec
Endpoint Protection\SymCorpUI.exe Ereignisinfo: Beenden Vorgang Ausgeführte Aktion:
Protokolliert Ausführender-Prozess: C:\ProgramData\yHafnqNqpiqS.exe (PID 5312) Uhrzeit:
Sonntag, 6. November 2011 03:14:02

Error - 05.11.2011 22:14:02 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711725
Description = Symantec Manipulationsschutz-Warnung Ziel: C:\Program Files\Symantec\Symantec
Endpoint Protection\SavUI.exe Ereignisinfo: Beenden Vorgang Ausgeführte Aktion:
Protokolliert Ausführender-Prozess: C:\ProgramData\yHafnqNqpiqS.exe (PID 5312) Uhrzeit:
Sonntag, 6. November 2011 03:14:02

Error - 05.11.2011 22:14:06 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!Trojan.Spyeye!conf in Datei: C:\Recycle.Bin\471CC19CBC70A4F
von: Auto-Protect-Scan. Aktion: Bereinigt durch Löschen. Beschreibung der Aktion:
Die Datei wurde erfolgreich gelöscht.

Error - 05.11.2011 22:14:57 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!Trojan.Spyeye!conf in Datei: C:\Recycle.Bin\471CC19CBC70A4F
von: Auto-Protect-Scan. Aktion: Bereinigt durch Löschen. Beschreibung der Aktion:
Die Datei wurde erfolgreich gelöscht.

Error - 05.11.2011 22:22:39 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!UltraDefraggerFraud in Datei: c:\programdata\yhafnqnqpiqs.exe
von: Manuelle-Scan. Aktion: Prozess oder Dienst muss angehalten werden. Beschreibung
der Aktion:

Error - 05.11.2011 22:23:58 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!UltraDefraggerFraud in Datei: c:\programdata\yhafnqnqpiqs.exe
von: Manuelle-Scan. Aktion: Isolieren erfolgreich. Beschreibung der Aktion: Die
Datei wurde erfolgreich isoliert.

Error - 05.11.2011 22:27:54 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:***@adfarm1.adition.com/
von: Manuelle-Scan. Aktion: Isolieren fehlgeschlagen : Nichts unternehmen fehlgeschlagen.
Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.

Error - 05.11.2011 22:27:54 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!UltraDefraggerFraud in Datei: c:\programdata\yhafnqnqpiqs.exe
von: Manuelle-Scan. Aktion: Prozess oder Dienst muss angehalten werden. Beschreibung
der Aktion:

Error - 06.11.2011 03:03:49 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!UltraDefraggerFraud in Datei: c:\programdata\yhafnqnqpiqs.exe
von: Manuelle-Scan. Aktion: Isolieren fehlgeschlagen : Nichts unternehmen fehlgeschlagen.
Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.

Error - 07.11.2011 04:08:20 | Computer Name = ***-PC | Source = Symantec AntiVirus | ID = 16711731
Description = Sicherheitsrisiko gefunden!Trojan.FakeAV!gen76 in Datei: c:\programdata\yhafnqnqpiqs.exe
von: Manuelle-Scan. Aktion: Bereinigt durch Löschen. Beschreibung der Aktion:
Die Datei wurde erfolgreich gelöscht.

[ System Events ]
Error - 06.11.2011 12:36:40 | Computer Name = ***-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 06.11.2011 12:36:40 | Computer Name = ***-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 06.11.2011 12:36:56 | Computer Name = ***-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\system32\athExt.dll Fehlercode: 126

Error - 06.11.2011 18:56:24 | Computer Name = ***-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 07.11.2011 03:58:30 | Computer Name = ***-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 07.11.2011 04:00:03 | Computer Name = ***-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 07.11.2011 04:37:24 | Computer Name = ***-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 07.11.2011 15:58:41 | Computer Name = ***-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 07.11.2011 15:58:41 | Computer Name = ***-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 07.11.2011 15:58:57 | Computer Name = ***-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\system32\athExt.dll Fehlercode: 126


< End of report >

falls benötigt könnte ich auch das GMER file mitschicken.

Danke schonmal im voraus.

 

Themen zu ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error
adfarm, adobe, adobe flash player, antivirus, application/pdf, application/pdf:, autorun, bho, browser, defender, desktop, error, explorer, failed, firefox, flash player, format, install.exe, installation, keine dateien, langs, logfile, netzwerk, plug-in, programme, recover, recycle.bin, registry, rundll, scan, security, shell32.dll, software, symantec, taskhost.exe, tracker, webcheck, windows


« Keine Internetverbindung mehr möglich nach löschen von Trojaner | Windows 7 läßt sich nicht mehr booten nach Programmabsturz »


Ähnliche Themen: ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error


  1. System Check - "Windows - Delayed Write Failed", schwarzer Bildschirm, Datenverlust?
    Log-Analyse und Auswertung - 26.03.2012 (12)
  2. schwarzer Desktop, fehlende Icons und Ordner, delayed writed failed
    Log-Analyse und Auswertung - 10.03.2012 (37)
  3. Windows Delayed Write Failed (Dateien weg, Bildschirm schwarz,kein Internet)
    Plagegeister aller Art und deren Bekämpfung - 01.03.2012 (1)
  4. Hard drive clusters are partly damaged / Windows - Delayed Write Failed / Critical Error und andere
    Plagegeister aller Art und deren Bekämpfung - 24.01.2012 (1)
  5. delayed write failed Virus schwarzer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 14.01.2012 (90)
  6. delayed-write-failed- schwarzer Bildschirm Bundespolizei
    Log-Analyse und Auswertung - 06.01.2012 (1)
  7. Delayed Write Failed (Alle Icons weg, Schwarzer Hintergrund...)
    Plagegeister aller Art und deren Bekämpfung - 04.01.2012 (21)
  8. schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error
    Plagegeister aller Art und deren Bekämpfung - 12.12.2011 (30)
  9. WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 25.11.2011 (7)
  10. "Windows - Delayed Write Failed" - Schwarzer Bildschirm, keine Icons
    Log-Analyse und Auswertung - 23.11.2011 (24)
  11. Schwarzer Desktop, Icons versteckt, "delayed write failed..."
    Plagegeister aller Art und deren Bekämpfung - 22.11.2011 (48)
  12. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (101)
  13. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 09.11.2011 (25)
  14. schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (43)
  15. [doppelt]schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error
    Mülltonne - 02.11.2011 (3)
  16. schwarzer Bildschirm, windows delayed write failed
    Plagegeister aller Art und deren Bekämpfung - 19.10.2011 (16)
  17. schwarzer Bildschirm, windows delayed write failed
    Log-Analyse und Auswertung - 18.10.2011 (17)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error - Hi! Da jede Logfile individuell ist hier meine (über OTL): OTL logfile created on: 07.11.2011 22:51:07 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\***\Desktop Ultimate Edition - ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error...
Archiv
Du betrachtest: ebenfalls: schwarzer Desktop, keine Dateien, Delayed Write Failed, Critical Error auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131