Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


Plagegeister aller Art und deren Bekämpfung: Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 03.09.2012, 15:41   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Standard

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


Mach es nochmal im abgesicherten Modus mit Netzwerktreibern
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.09.2012, 11:42   #17
Beas
 
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Standard

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


Auch im abgesicherten Modus mit Netzwerktreibern ändert sich nichts. Immer noch kommt die Fehlermeldung von OTL "Out of Memory".
__________________
Alt 05.09.2012, 15:01   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Standard

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


Du hast OTL neu runtergeladen? Heute bzw. spät gestern abend ist wieder eine neue herausgekommen => Version 3.2.61.0
__________________
__________________
Alt 10.09.2012, 14:09   #19
Beas
 
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Standard

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


hab OTL neu runtergeladen und es nochmals probiert. leider immer noch keine Veränderung. Nach einiger Zeit kommt die Meldung "Out of Memory"...

Alt 10.09.2012, 19:26   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Standard

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


Dann mach ein normales Log

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 12.09.2012, 16:02   #21
Beas
 
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Standard

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


hier das otl.log
Code:
ATTFilter
OTL logfile created on: 12.09.2012 16:47:02 - Run 2
OTL by OldTimer - Version 3.2.61.2     Folder = C:\Users\Beas\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 72,19% Memory free
5,98 Gb Paging File | 5,14 Gb Available in Paging File | 85,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,56 Gb Total Space | 115,75 Gb Free Space | 41,55% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 7,78 Gb Free Space | 39,85% Space Free | Partition Type: FAT32
 
Computer Name: BEAS-PC | User Name: Beas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Beas\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG)
DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (RL_DJIF) -- C:\Windows\System32\drivers\rldjifu.sys (Ploytec GmbH)
DRV - (RL_DJIF_WDM) -- C:\Windows\System32\drivers\rldjifa.sys (Ploytec GmbH)
DRV - (RL_DJIFM) -- C:\Windows\System32\drivers\rldjifm.sys (Ploytec GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3415437496-1886942379-29569214-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3415437496-1886942379-29569214-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3415437496-1886942379-29569214-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 51 B1 BE 0A F3 CC 01  [binary data]
IE - HKU\S-1-5-21-3415437496-1886942379-29569214-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3415437496-1886942379-29569214-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3415437496-1886942379-29569214-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3415437496-1886942379-29569214-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.borussia.de/de/startseite.html"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 18:10:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.30 18:10:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.02.24 17:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beas\AppData\Roaming\mozilla\Extensions
[2012.05.02 13:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beas\AppData\Roaming\mozilla\Firefox\Profiles\mr1nb5sc.default\extensions
[2012.03.15 19:48:23 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Beas\AppData\Roaming\mozilla\Firefox\Profiles\mr1nb5sc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.18 19:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.30 18:10:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 18:10:49 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" File not found
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKU\S-1-5-21-3415437496-1886942379-29569214-1000..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-3415437496-1886942379-29569214-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 File not found
O4 - HKU\S-1-5-21-3415437496-1886942379-29569214-1000..\Run: [Izacafnuni] C:\Users\Beas\AppData\Roaming\Yvloos\huxa.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Beas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Beas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFC8FAE2-EFF1-42F3-8A13-7E13BAC2A516}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.08 12:55:13 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\Beas\Desktop\OTL.exe
[2012.09.04 11:19:20 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{368D5AFC-1E22-4CBC-AB1E-D4328DB8D47C}
[2012.09.03 22:56:51 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{F1210EB4-F80A-4779-BA96-1A79A9FD4E22}
[2012.09.02 09:47:25 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{9CCBD498-F7CB-4510-8BEC-9D43A7987378}
[2012.09.01 12:33:56 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{38E92D46-C237-4BF1-B307-338D1AC9EDD3}
[2012.08.31 10:53:25 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{692CFD48-F340-413B-AAC0-833E6F82B91D}
[2012.08.30 18:10:14 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{130DDECF-7145-4A9A-9427-914FF7C1DDB3}
[2012.08.30 11:33:03 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{BE49CA08-9664-4030-A329-4C21523E6F70}
[2012.08.29 12:58:42 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{A810B5CD-1BF7-491F-A643-84046D3B2CE1}
[2012.08.28 12:38:58 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{A0504CFA-D0BA-474F-96F6-C3C746D3878B}
[2012.08.27 10:04:40 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{FB1164A5-0F03-48D8-AE73-212D361D68F9}
[2012.08.26 11:49:17 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{7A275DB9-32DC-4F1E-8FAB-C96102AB371A}
[2012.08.25 16:26:34 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\Spotify
[2012.08.25 16:26:15 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Roaming\Spotify
[2012.08.25 16:21:06 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{FBBB58C1-651A-4CA4-9660-BBB3C3779D6D}
[2012.08.24 09:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.08.24 09:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.08.24 09:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.08.24 09:36:03 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{16CFEC68-3CFC-491C-94B0-25819FDAD51E}
[2012.08.23 13:14:33 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{F0AC1F0A-4BD9-402B-AF84-DD47D8FC05FE}
[2012.08.22 11:45:53 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{017C4403-2694-456A-B74F-5054E65F4D5C}
[2012.08.21 20:52:32 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{51B4E138-94DB-4D43-9A65-F345DE97C8D6}
[2012.08.17 12:03:43 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{75655971-BE49-400F-A0F1-6B714371A8A7}
[2012.08.17 12:03:20 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{D5C938BD-8690-4A39-BC63-6E4C4348D776}
[2012.08.16 18:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.08.16 18:18:40 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{500BCB5C-BDED-4E57-A456-E9EEBA975993}
[2012.08.16 18:18:17 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{8F10D8DC-8EBA-4435-93EA-490CF0A9123B}
[2012.08.16 03:01:22 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.16 03:01:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.16 03:01:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.16 03:01:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.16 03:01:18 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.16 03:01:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.16 03:01:16 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.15 22:13:05 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Roaming\Malwarebytes
[2012.08.15 22:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.15 22:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.15 22:12:53 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.15 22:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.08.15 22:04:28 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{709A772E-6E59-4623-A430-8BFAEBB73B1C}
[2012.08.15 22:04:02 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{98C8B4EF-0061-4EA0-B890-3C134AED3B49}
[2012.08.15 16:27:14 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.08.15 16:27:13 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.15 16:27:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.08.15 16:22:39 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{0AFB2FFB-CD7E-46D8-A4B5-709196297F3D}
[2012.08.15 16:22:14 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{98104808-F930-475B-8724-8A24D80CF422}
[2012.08.15 16:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.08.14 11:23:56 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{605E0F6D-1EB0-4F35-8F71-E94A80429591}
[2012.08.14 11:23:41 | 000,000,000 | ---D | C] -- C:\Users\Beas\AppData\Local\{1309A867-240B-4619-8FA1-1616E7EB6914}
 
========== Files - Modified Within 30 Days ==========
 
File not found -- C:\Windows\System32\
[2012.09.12 16:53:11 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.12 16:51:51 | 000,022,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 16:51:51 | 000,022,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.12 16:44:45 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.12 16:44:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.12 16:44:15 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.08 13:42:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.08 12:55:14 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Beas\Desktop\OTL.exe
[2012.08.25 16:26:33 | 000,001,803 | ---- | M] () -- C:\Users\Beas\Desktop\Spotify.lnk
[2012.08.23 16:54:30 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.23 16:54:30 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.23 16:54:30 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.23 16:54:30 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.23 16:48:56 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.23 16:48:56 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.23 16:07:22 | 000,596,307 | ---- | M] () -- C:\Users\Beas\Desktop\vz ew.pdf
[2012.08.23 16:06:56 | 000,745,423 | ---- | M] () -- C:\Users\Beas\Desktop\vz sport2.pdf
[2012.08.23 16:06:42 | 000,009,496 | ---- | M] () -- C:\Users\Beas\Desktop\vz sport.pdf
[2012.08.23 16:06:05 | 000,289,045 | ---- | M] () -- C:\Users\Beas\Desktop\vz sopäd.pdf
[2012.08.16 03:21:41 | 000,353,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.15 22:12:55 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
 
========== Files Created - No Company Name ==========
 
File not found -- C:\Windows\System32\
[2012.08.25 16:26:33 | 000,001,803 | ---- | C] () -- C:\Users\Beas\Desktop\Spotify.lnk
[2012.08.25 16:26:33 | 000,001,789 | ---- | C] () -- C:\Users\Beas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012.08.23 16:07:22 | 000,596,307 | ---- | C] () -- C:\Users\Beas\Desktop\vz ew.pdf
[2012.08.23 16:06:56 | 000,745,423 | ---- | C] () -- C:\Users\Beas\Desktop\vz sport2.pdf
[2012.08.23 16:06:42 | 000,009,496 | ---- | C] () -- C:\Users\Beas\Desktop\vz sport.pdf
[2012.08.23 16:06:05 | 000,289,045 | ---- | C] () -- C:\Users\Beas\Desktop\vz sopäd.pdf
[2012.08.15 22:12:55 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.03 12:53:09 | 000,000,000 | ---- | C] () -- C:\Users\Beas\defogger_reenable
[2012.07.18 00:59:51 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2012.07.18 00:59:51 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2012.07.07 20:25:55 | 000,001,024 | ---- | C] () -- C:\Users\Beas\.rnd
[2012.04.21 12:43:47 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.04.21 12:43:47 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.03.19 13:55:21 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012.03.19 13:49:56 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012.03.17 16:53:25 | 000,000,170 | ---- | C] () -- C:\Users\Beas\AppData\Roaming\wklnhst.dat
[2012.02.25 14:34:31 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{9dff51a6-50e4-4ae2-29ed-ca8dc94106a4}\@
[2012.02.25 14:34:31 | 000,002,048 | -HS- | C] () -- C:\Users\Beas\AppData\Local\{9dff51a6-50e4-4ae2-29ed-ca8dc94106a4}\@
[2012.02.24 17:40:30 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011.04.12 03:30:05 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 03:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 03:30:05 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 03:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

< End of report >
und extras.log
Code:
ATTFilter
OTL Extras logfile created on: 12.09.2012 16:47:02 - Run 2
OTL by OldTimer - Version 3.2.61.2     Folder = C:\Users\Beas\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 72,19% Memory free
5,98 Gb Paging File | 5,14 Gb Available in Paging File | 85,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,56 Gb Total Space | 115,75 Gb Free Space | 41,55% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 7,78 Gb Free Space | 39,85% Space Free | Partition Type: FAT32
 
Computer Name: BEAS-PC | User Name: Beas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3415437496-1886942379-29569214-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVWiz" = Intel(R) TV Wizard
"USB_AUDIO_DEusb-audio.deRLDJIF" = Digital Jockey Interface Driver
"VLC media player" = VLC media player 2.0.0
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3415437496-1886942379-29569214-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 04.09.2012 16:57:52 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 04.09.2012 17:25:31 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 05.09.2012 05:54:39 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.09.2012 06:07:22 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.09.2012 06:14:32 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 06.09.2012 06:59:12 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.09.2012 06:50:31 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.09.2012 09:00:50 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.09.2012 14:09:48 | Computer Name = Beas-PC | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer"
 nicht initialisiert werden.  Details: Could not query the status of the EventSystem
 service.  System Error: Der Computer wird heruntergefahren.  .
 
Error - 12.09.2012 10:46:04 | Computer Name = Beas-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 02.05.2012 12:46:25 | Computer Name = Beas-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 08.05.2012 11:09:42 | Computer Name = Beas-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?08.?05.?2012 um 16:12:02 unerwartet heruntergefahren.
 
Error - 08.05.2012 18:18:50 | Computer Name = Beas-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 18.05.2012 07:46:13 | Computer Name = Beas-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 30.05.2012 07:47:50 | Computer Name = Beas-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet: 
  %%-2147024882
 
Error - 30.05.2012 12:03:13 | Computer Name = Beas-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 07.06.2012 04:57:35 | Computer Name = Beas-PC | Source = DCOM | ID = 10000
Description = 
 
Error - 07.06.2012 05:33:06 | Computer Name = Beas-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
 
< End of report >

Alt 12.09.2012, 19:24   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Standard

Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


Das versteh ich jetzt schon wieder nicht!
Du hast OTL vor ein paar Tagen neu runtergeladen machst aber heute mit dieser jetzt wieder älteren Version das Log

Warum kann man nicht einfach wenn man soweiso das Log mit OTL machen will einfach OTL nochmal neu runterladen?
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 2 von 2 1 2

Themen zu Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen
adobe, adobe flash player, adware, antivir, autorun, avg, avira, bho, bonjour, converter, explorer, firefox, flash player, format, google earth, helper, hängt, langs, mozilla, mp3, opera, plug-in, programme, registry, scan, software, tr/atraps.gen und tr/atraps.gen2, trojaner, trojaner tr/atraps.gen, windows


« TR Spy.Zbot.eshb.1 und EXP/ CVE 2012-0507 von Avira gefunden | live security platinum »


Ähnliche Themen: Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen


  1. Trojaner TR/ATRAPS.Gen2 eingefangen - Windows 7
    Plagegeister aller Art und deren Bekämpfung - 01.11.2013 (20)
  2. Habe mir einen Trojaner eingefangen (TR/ATRAPS.Gen2)
    Log-Analyse und Auswertung - 08.10.2013 (15)
  3. Trojaner: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 und services.exe virus
    Plagegeister aller Art und deren Bekämpfung - 11.01.2013 (29)
  4. Trojaner TR/ATRAPS.Gen2 und weitere eingefangen
    Log-Analyse und Auswertung - 27.12.2012 (3)
  5. WIEDERKEHRENDE TROJANER NAMENS TR/Necurs.A.49; TR/ATRAPS.Gen; TR/ATRAPS.Gen2, TR/Rootkit.Gen; TR/Crypt.ZPACK.Gen.+ DANKE! +
    Log-Analyse und Auswertung - 02.12.2012 (49)
  6. Trojaner Befall TR/ATRAPS.GEN ,TR/ATRAPS.GEN2 , TR/Cutwail.jhg , TR/ZAccess.H , TR/Sirefef.A.37
    Plagegeister aller Art und deren Bekämpfung - 08.10.2012 (17)
  7. habe mir TR/ATRAPS.Gen und TR/ATRAPS.Gen2 eingefangen und Angst
    Log-Analyse und Auswertung - 16.09.2012 (3)
  8. Trojaner AT/ATRAPS.GEN2 eingefangen - BRAUCHE HILFE!
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (38)
  9. TR/ATRAPS.GEN2; TR/ATRAPS.GEN und diverse andere Trojaner
    Plagegeister aller Art und deren Bekämpfung - 17.08.2012 (1)
  10. TR/ATRAPS.Gen und TR/ATRAPS.Gen2 auf dem PC eingefangen
    Plagegeister aller Art und deren Bekämpfung - 30.07.2012 (1)
  11. Von Avira gefundene Trojaner - TR/Crypt.ZPACK.Gen, TR/ATRAPS.Gen, TR/ATRAPS.Gen2 und BDS/ZAccess.T
    Log-Analyse und Auswertung - 27.07.2012 (25)
  12. Trojaner Meldung Von FreeAntiVir TR/ATraps/Gen2 / TR/ATraps/Gen
    Plagegeister aller Art und deren Bekämpfung - 15.07.2012 (3)
  13. Trojaner TR/ATRAPS.gen und TR/ATRAPS.Gen2 lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 14.07.2012 (30)
  14. Trojaner Atraps.Gen, Atraps.Gen2 und Sirefef.AB.20 - gelöscht, aber auch sicher?
    Log-Analyse und Auswertung - 14.07.2012 (23)
  15. Antivir findet 4 Trojaner: TR/ATRAPS.Gen, TR/ATRAPS.Gen2, Sirefef.P.342, Dldr.Phdet.E.41
    Log-Analyse und Auswertung - 11.07.2012 (1)
  16. Trojaner tr/atraps.gen & tr atraps.gen2 von AntiVir gemeldet
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (5)
  17. Und noch einer: Trojaner TR/ATRAPS.Gen2 und TR/ATRAPS.Gen und W32/Patched.UA HILFE!!!
    Log-Analyse und Auswertung - 28.06.2012 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen - Mach es nochmal im abgesicherten Modus mit Netzwerktreibern - Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen...
Archiv
Du betrachtest: Trojaner TR/ATRAPS.GEN und TR/ATRAPS.GEN2 eingefangen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19