Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.11.2011, 23:07   #1
glaser
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



hallo zusammen,
ich habe etwa das gleiche problem wie in folgendem thread beschrieben:
http://www.trojaner-board.de/104868-...-system32.html
allerdings benutze ich win xp und nicht windows 7; und ich bin mir nicht sicher ob ich combifix.exe so verwenden kann wie in o.g. thread beschrieben (die warnung im forum schreckt schliesslich ab )
den virus hab ich mir übrigens auf der suche nach einem livestream für das heutige championsleague spiel eingefangen (danke ans Pay-TV an der stelle...)

ausserdem konnte ich zuerst den PC gar nicht mehr booten, da mein bootsystem stoppte und vor einem boot virus warnte und sagte ich soll "www.antivirus.org" besuchen - ist das auch bestandteil des viruses?
jedenfalls hab ich im bios menü das scannen nach bootviren deaktiviert und komme so zum glück wenigstens wieder in windows rein.
derzeit läuft win xp im abgesicherten modus und alle dateien waren verschwunden.
wie im anderen thread beschrieben habe ich unhide.exe verwendet und mitlerweile zeigt er soweit ich es beurteilen kann wieder alle ordnerinhalte an.
ich poste mal das OTL log und hoffe auf weitere hilfestellung.
vielen Dank

Alt 22.11.2011, 23:10   #2
glaser
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 22.11.2011 22:50:01 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1023,53 Mb Total Physical Memory | 613,45 Mb Available Physical Memory | 59,93% Memory free
2,41 Gb Paging File | 2,16 Gb Available in Paging File | 89,83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,52 Gb Total Space | 2,09 Gb Free Space | 10,73% Space Free | Partition Type: FAT32
Drive G: | 73,23 Gb Total Space | 15,42 Gb Free Space | 21,06% Space Free | Partition Type: NTFS
Drive H: | 93,53 Gb Total Space | 7,12 Gb Free Space | 7,62% Space Free | Partition Type: NTFS
Drive X: | 232,88 Gb Total Space | 121,57 Gb Free Space | 52,20% Space Free | Partition Type: NTFS
 
Computer Name: MARC-BZZZZZ | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp5\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp5\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp5\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Veetle\Player\VeetleNet.exe" = C:\Programme\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Veetle\Player\VeetleNet.exe" = C:\Programme\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6
"{1C27C64B-D5CF-4881-A310-0BD2A0D21927}" = ElsterFormular 2005/2006
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{31C50740-FC5A-4C6C-B91B-E3B5DFADC824}" = Logitech QuickCam
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3DD0716A-1F20-238B-FE6E-CDB53317961B}" = NEW_YEARS_DAE
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{5533F5C4-6825-42A8-8FBC-40E044DBD042}" = Game Scanner
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B42A6552-1A83-4D79-9137-AB0C9036249A}" = Quake Live Mozilla Plugin
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B74D4E10-0000-0000-0000-EDED00000102}" = Adobe ExtendScript Toolkit 1.0
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C1939820-A945-11D4-86F6-0001031E5712}" = InterVideo WinDVD
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CBBCBE04-EA5E-4201-A924-E7ED3E8686AE}" = ElsterFormular 2006/2007
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DD362256-A7A2-4524-9457-213DDC2AFC2A}" = Adobe After Effects 7.0
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{F02CF4B0-05EC-4938-A8D2-F739AF3B4363}" = Microsoft IntelliType Pro 5.5
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Avance AC'97 Audio
"Adobe After Effects 7.0" = Adobe After Effects 7.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"cdngo_is1" = CD'n'Go! Suite 2.00
"com.adobe.example.FileDownload-01.818C15B818A2CA70841A72A58590C09C55C569D2.1" = NEW_YEARS_DAE
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"ElsterFormular für Privatanwender 12.3.2.6814p" = ElsterFormular für Privatanwender
"eMule" = eMule
"Exact Audio Copy" = Exact Audio Copy 0.95b4
"FileZilla Client" = FileZilla Client 3.0.11
"GENEUIDE" = USB Storage Driver
"Google Updater" = Google Updater
"Grusskartendesigner für Microsoft Windows" = Grusskartendesigner für Microsoft Windows
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"hp psc 700 series 1151589619" = hp psc 700 series
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0
"MFVirtualDrives_is1" = MFVirtualDrives 1.1.0
"mIRC" = mIRC
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"Nero - Burning Rom" = Nero - Burning Rom
"NVIDIA Drivers" = NVIDIA Drivers
"PDF Combine_is1" = PDF Combine
"pdfFactory" = pdfFactory
"PunkBusterSvc" = PunkBuster Services
"QcDrv" = Logitech® Camera-Treiber
"Qtracker" = Qtracker
"RA3" = Rocket Arena 3 1.76 (remove only)
"Security Task Manager" = Security Task Manager 1.6f
"Shop for HP Supplies" = Shop for HP Supplies
"SopCast" = SopCast 3.2.8
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"Still Life" = Still Life
"SUPER ©" = SUPER © Version 2008.bld.32 (July 8, 2008)
"Veetle TV" = Veetle TV
"VLC media player" = VideoLAN VLC media player 0.8.0
"vShare.tv plugin" = vShare.tv plugin 1.3
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR Archivierer
"xp-AntiSpy" = xp-AntiSpy 3.96-1
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 10.10.2011 06:57:38 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 17.10.2011 12:55:58 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 24.10.2011 13:20:26 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 01.11.2011 11:02:08 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 03.11.2011 19:26:30 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 08.11.2011 14:40:33 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 15.11.2011 14:45:25 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 22.11.2011 15:21:38 | Computer Name = MARC-BZZZZZ | Source = AVWUpSrv | ID = 0
Description = 
 
Error - 22.11.2011 16:30:48 | Computer Name = MARC-BZZZZZ | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 6.0.2900.2180, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 22.11.2011 17:12:37 | Computer Name = MARC-BZZZZZ | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Systemwiederherstellungsdienst" wurde mit folgendem Fehler
 beendet:   %%5
 
Error - 22.11.2011 17:12:37 | Computer Name = MARC-BZZZZZ | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Fips  intelppm
 
Error - 22.11.2011 17:12:37 | Computer Name = MARC-BZZZZZ | Source = Service Control Manager | ID = 7034
Description = Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 22.11.2011 17:14:45 | Computer Name = MARC-BZZZZZ | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 22.11.2011 17:14:45 | Computer Name = MARC-BZZZZZ | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 22.11.2011 17:16:16 | Computer Name = MARC-BZZZZZ | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460
 
Error - 22.11.2011 17:16:19 | Computer Name = MARC-BZZZZZ | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "ntmssvc"
 mit den Argumenten "-Service"  gestartet wurde, um den folgenden Server zu verwenden:
{D61A27C6-8F53-11D0-BFA0-00A024151983}
 
Error - 22.11.2011 17:27:56 | Computer Name = MARC-BZZZZZ | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 22.11.2011 17:35:49 | Computer Name = MARC-BZZZZZ | Source = DCOM | ID = 10010
Description = Der Server "{0002DF01-0000-0000-C000-000000000046}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 22.11.2011 17:46:56 | Computer Name = MARC-BZZZZZ | Source = DCOM | ID = 10010
Description = Der Server "{0002DF01-0000-0000-C000-000000000046}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
 
< End of report >
         
--- --- ---
__________________


Alt 22.11.2011, 23:11   #3
glaser
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 22.11.2011 22:50:01 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1023,53 Mb Total Physical Memory | 613,45 Mb Available Physical Memory | 59,93% Memory free
2,41 Gb Paging File | 2,16 Gb Available in Paging File | 89,83% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,52 Gb Total Space | 2,09 Gb Free Space | 10,73% Space Free | Partition Type: FAT32
Drive G: | 73,23 Gb Total Space | 15,42 Gb Free Space | 21,06% Space Free | Partition Type: NTFS
Drive H: | 93,53 Gb Total Space | 7,12 Gb Free Space | 7,62% Space Free | Partition Type: NTFS
Drive X: | 232,88 Gb Total Space | 121,57 Gb Free Space | 52,20% Space Free | Partition Type: NTFS
 
Computer Name: MARC-BZZZZZ | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\WINDOWS\system32\nvshell.dll ()
MOD - C:\Programme\WinRAR\rarext.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (btcfg64) btcfg64(btcfg64) --  File not found
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (LVSrvLauncher) -- C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- c:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (AVWUpSrv) -- C:\Programme\AVPersonal\AVWUPSRV.EXE (H+BEDV Datentechnik GmbH, Germany)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.)
DRV - (imagesrv) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (imagedrv) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation)
DRV - (PQNTDrv) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys (PowerQuest Corporation)
DRV - (ALCXWDM) Service for Avance AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Avance Logic, Inc.)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: G:\Programme_2\itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Programme\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Programme\Veetle\Player\npvlc.dll (Veetle Inc)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.04.01 00:22:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011.05.20 20:29:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011.05.20 20:29:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.06.27 14:15:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.06.27 14:15:30 | 000,000,000 | ---D | M]
 
[2011.11.22 22:11:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2008.01.20 22:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\r6npsmm4.default\extensions
[2006.06.27 14:15:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.08.21 21:44:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.11.11 18:40:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.10.03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Programme\mozilla firefox\plugins\npvsharetvplg.dll
[2011.05.10 00:33:28 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.11.11 18:40:08 | 000,002,040 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2008.02.21 21:38:32 | 000,226,721 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	Alma Public Directory
O1 - Hosts: 127.0.0.1	1001-search.info
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	Index of /
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	132???
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 127.0.0.1	136136.net
O1 - Hosts: 7952 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CMHxHbrYhPJ.exe] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CMHxHbrYhPJ.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [Microsoft web update] webmsn.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Avance Logic, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp5\winampa.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil11c_Plugin.exe (Adobe Systems, Inc.)
O4 - HKCU..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot File not found
O4 - HKCU..\RunOnce: [NeroHomeFirstStart] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroScoutOptions.exe (Nero AG)
O4 - HKLM..\RunServices: [Microsoft web update] webmsn.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AD54710-264C-4779-AF40-A9FD17C88DFD}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) -  File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.06.26 21:31:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.22 22:35:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Identities
[2011.11.22 22:35:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities
[2011.11.22 22:20:02 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien
[2011.11.22 22:20:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
[2011.11.22 22:11:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
[2011.11.16 22:25:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Qtracker
[2011.11.16 22:24:44 | 000,000,000 | ---D | C] -- C:\Programme\Qtracker
[2011.11.14 20:13:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\id Software
[2011.11.14 20:13:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\id Software
[2011.11.04 00:32:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2011.10.28 20:19:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Apple Computer
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.22 22:11:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.22 22:03:06 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.22 21:04:36 | 000,434,944 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CMHxHbrYhPJ.exe
[2011.11.22 21:00:02 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.11.22 20:38:02 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.22 20:16:36 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.11.22 20:16:30 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.15 23:21:24 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.11.11 18:47:12 | 000,227,294 | ---- | M] () -- C:\WINDOWS\hpoins41.dat
[2011.10.31 15:20:44 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.11.22 21:07:35 | 000,434,944 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CMHxHbrYhPJ.exe
[2010.05.19 19:47:24 | 000,001,253 | ---- | C] () -- C:\WINDOWS\hpomdl41.dat.temp
[2010.04.01 00:14:56 | 000,227,294 | ---- | C] () -- C:\WINDOWS\hpoins41.dat
[2010.04.01 00:14:56 | 000,001,253 | ---- | C] () -- C:\WINDOWS\hpomdl41.dat
[2010.02.17 21:45:56 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.05.05 21:44:26 | 002,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008.07.28 00:47:57 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008.07.28 00:47:57 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008.07.28 00:47:57 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008.07.28 00:47:57 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008.07.28 00:47:57 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.02.21 21:31:10 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008.02.21 21:31:10 | 000,002,550 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008.01.06 21:59:27 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\deluidrv.exe
[2008.01.06 21:59:27 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\delentry.exe
[2008.01.06 21:59:27 | 000,000,445 | R--- | C] () -- C:\WINDOWS\System32\iconcfg.ini
[2007.10.22 22:09:25 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.10.22 20:37:53 | 000,048,205 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007.07.09 22:15:06 | 000,139,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.07.09 22:14:59 | 000,214,720 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2007.07.09 22:14:34 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2006.12.22 12:32:48 | 000,025,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2006.12.22 12:30:42 | 001,683,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2006.12.10 23:41:51 | 000,308,224 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2006.12.10 23:41:51 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2006.10.04 09:04:26 | 000,003,208 | ---- | C] () -- C:\WINDOWS\tm.ini
[2006.09.15 14:03:40 | 000,001,362 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.08.06 22:47:18 | 000,000,088 | ---- | C] () -- C:\WINDOWS\CDPlayer.INI
[2006.07.11 18:35:04 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.07.07 18:44:47 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2006.07.07 18:44:47 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2006.07.07 18:44:47 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2006.07.07 18:44:47 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2006.07.07 18:44:47 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2006.06.30 02:02:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.06.30 00:37:53 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2006.06.29 15:59:57 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2006.06.28 22:16:39 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006.06.28 16:14:24 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.06.28 11:41:55 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2006.06.27 15:34:47 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006.06.27 15:24:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sucker.exe
[2006.06.27 14:37:36 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2006.06.27 14:15:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.06.27 14:15:34 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006.06.27 14:15:29 | 000,003,134 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006.06.27 14:14:43 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.06.27 13:53:53 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2006.06.27 13:53:41 | 000,003,798 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2006.06.27 13:53:40 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006.06.26 21:34:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.06.26 21:29:32 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.06.26 21:26:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.06.26 21:25:27 | 000,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.06.01 17:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.06.01 17:22:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.06.01 17:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.06.01 17:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.06.01 17:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.06.01 17:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.06.01 17:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.06.01 17:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.06.01 17:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.06.01 17:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.06.01 17:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002.08.29 01:54:14 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2001.08.31 22:15:44 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.31 22:15:44 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.18 19:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.18 19:00:00 | 000,316,594 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001.08.18 19:00:00 | 000,311,604 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.18 19:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.18 19:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.18 19:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.18 19:00:00 | 000,048,156 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001.08.18 19:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.18 19:00:00 | 000,039,992 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.18 19:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.18 19:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.18 19:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

< End of report >
         
--- --- ---
__________________

Alt 23.11.2011, 19:04   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 24.11.2011, 20:19   #5
glaser
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8234

Windows 5.1.2600 Service Pack 2 (Safe Mode)
Internet Explorer 6.0.2900.2180

24.11.2011 20:16:29
mbam-log-2011-11-24 (20-16-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|G:\|H:\|X:\|)
Durchsuchte Objekte: 382323
Laufzeit: 29 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 25

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CMHxHbrYhPJ.exe (Trojan.FakeAlert) -> Value: CMHxHbrYhPJ.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Microsoft web update (Trojan.Agent.MSGen) -> Value: Microsoft web update -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (Search) Good: (Google) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\dokumente und einstellungen\all users\anwendungsdaten\cmhxhbryhpj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\programme\mozilla firefox\removewga12.exe (PUP.RemoveWGA) -> Quarantined and deleted successfully.
h:\videoprogramme\sorenson squeeze compression suite 4.0.301.11\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
x:\programme\temp download\mirc612.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
x:\programme\temp download\tempdownload\setupclonecd.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
x:\programme\temp download\tempdownload\XPKey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
x:\programme\tools\brennprogramme\daemon tools\setupdtsb.exe (Adware.WhenU) -> Quarantined and deleted successfully.
x:\programme\tools\internet stuff\ICQ\lingoware\lingoware\Referals\ezula.exe (Adware.Ezula) -> Quarantined and deleted successfully.
x:\programme\tools\internet stuff\ICQ\lingoware\lingoware\Referals\Hotbar.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\program files\webhancer\Programs\REGWEBH.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\program files\webhancer\Programs\WBHSHARE.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\program files\webhancer\Programs\WHAGENT.EXE (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\program files\webhancer\Programs\whiedc.dll (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\program files\webhancer\Programs\WHIEHLPR.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\program files\webhancer\Programs\WHIESHM.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\unzipped\flashfxp 1.3.763\damn_flashfxp13770kmkr.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte c-disk\local disk (g)\unzipped\flashfxp 1.3.763\damn_flashfxp13770ptch.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\program files\webhancer\Programs\REGWEBH.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\program files\webhancer\Programs\WBHSHARE.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\program files\webhancer\Programs\WHAGENT.EXE (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\program files\webhancer\Programs\whiedc.dll (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\program files\webhancer\Programs\WHIEHLPR.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\program files\webhancer\Programs\WHIESHM.DLL (PUP.WebHancer) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\programme\Go!Zilla\advert.dll (Adware.Aureate) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\sicherung\Save\TMP\cdkeygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.


Alt 24.11.2011, 20:21   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



Zitat:
c:\programme\mozilla firefox\removewga12.exe (PUP.RemoveWGA) -> Quarantined and deleted successfully.
h:\videoprogramme\sorenson squeeze compression suite 4.0.301.11\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
x:\Spiele\backup von altem pc\alte d-disk\ibmhd (h)\sicherung fuer formatierung\sicherung\Save\TMP\cdkeygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.


Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!
__________________
--> WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\

Alt 24.11.2011, 23:58   #7
glaser
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



bitte meinen thread hier löschen. er hat so für niemanden mehr einen nutzen. (ich finde keinen "editieren" oder "löschen" button)

Alt 25.11.2011, 10:37   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - Standard

WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\



Hier wird nichts gelöscht. Wenn werden nur persönliche Infos unkenntlich gemacht.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
abgesicherten, bios, bios menü, booten, dateien, deaktiviert, failed, failed to save all the components for the file \\system32, file, folge, forum, hallo zusammen, log, nicht mehr, nicht sicher, problem, scan, scannen, suche, system, system32, viren, virus, warnung, win, win xp, windows, windows - delayed write failed, windows 7, windows detected hard disk problem



Ähnliche Themen: WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\


  1. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 21.03.2012 (13)
  2. Windows 7 Failed to save all the components for the file \\System32\\0000xxxx
    Plagegeister aller Art und deren Bekämpfung - 18.03.2012 (3)
  3. Windows 7 Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 10.03.2012 (5)
  4. Failed to save all the components for the file \\System32 usw...
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (15)
  5. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 12.02.2012 (1)
  6. Failed to save all the components for the file \\System32\\ [...]
    Log-Analyse und Auswertung - 01.02.2012 (6)
  7. windows 7 gecrasht - "Windows - Delayed Write Failed" "Failed to save all the components..."
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (12)
  8. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 16.01.2012 (26)
  9. failed to save all the components for the file system32
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (2)
  10. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428
    Log-Analyse und Auswertung - 15.11.2011 (35)
  11. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - St
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (16)
  12. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (101)
  13. Windows 7 Failed to save all the components for the file System32\\00...
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (3)
  14. Windows - Delayed Write Failed - Failed to save...
    Log-Analyse und Auswertung - 10.11.2011 (7)
  15. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 09.11.2011 (25)
  16. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (10)
  17. Windows - Delayed Write Failed. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 07.11.2011 (12)

Zum Thema WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - hallo zusammen, ich habe etwa das gleiche problem wie in folgendem thread beschrieben: http://www.trojaner-board.de/104868-...-system32.html allerdings benutze ich win xp und nicht windows 7; und ich bin mir nicht sicher ob - WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\...
Archiv
Du betrachtest: WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.