Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
TR\Kazy.mekml.1 wieder

TR\Kazy.mekml.1 wieder


Plagegeister aller Art und deren Bekämpfung: TR\Kazy.mekml.1 wieder

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 18.04.2011, 23:51   #1
rindfleisch
 
TR\Kazy.mekml.1 wieder - Standard

TR\Kazy.mekml.1 wieder


nabnd die runde.

habe mich soeben hier registriert, da ich mir leider TR\Kazy.mekml.1 eingefangen habe. Hoffe somit, dass mir hier geholfen werden kann. wäre euch wirklich sehr verbunden.

symptome sind die üblichen: schwarzer Hintergrund, viele Dateien nich mehr vorhanden und Laptop langsamer geworden...

benutze übrigens windows-visa.

habe OTL heruntergeladen, installiert und zwei textdateien erhalten:

EXTRAS:
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 19.04.2011 00:38:22 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Nabhani\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,88 Gb Total Space | 40,73 Gb Free Space | 39,59% Space Free | Partition Type: NTFS
Drive D: | 120,00 Gb Total Space | 88,50 Gb Free Space | 73,75% Space Free | Partition Type: NTFS
 
Computer Name: NABHANI-PC | User Name: Nabhani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
htmlfile [opennew] -- "C:\Program Files\T-Online\T-Online_Software_6\Browser\Browser.exe" "%1" (Deutsche Telekom AG, T-Com)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{182EE28E-61EF-4010-A66D-E0267ECE28E8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{CD73BF9E-60FF-46AE-8181-D108E35C7DCC}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A6AD64-487B-4BE7-AA7E-6AD109864204}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{0668C449-9CB3-4A03-B57B-235749987478}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{07CA5331-C8CA-4E2E-9525-A8BE08C66DCC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{10541A0A-B3CE-4836-B03D-77AEEF80EBB6}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | 
"{114B0C88-4CD9-489F-84B1-34E4EAA9494B}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{137FBEC5-36CF-4BE9-893D-4AA5DA370796}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr_im.exe | 
"{1CE38204-D16B-4ECE-82E3-D3A5EC22A999}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{24E0EFD9-7242-4B4D-8778-FBB4EB1AD1D7}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{363FD5FE-625A-48E2-9C24-9A2958B5E415}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{4E04A548-1453-4975-8361-6808FE2E32B7}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{52AF1EFB-D699-4AC9-859F-71A5E85E9A17}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr.exe | 
"{5317E870-45CE-4B4C-BE85-FD72952AD473}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{59D1EEF3-5B79-4053-BE7E-05D60D0E5553}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{5DF4032B-EDF5-41F1-81C3-B3D0A2894C35}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"{7F5FFCE5-2540-4259-A9FF-5F8A6F08852C}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr.exe | 
"{9C606C48-D91A-469E-8BC9-64D51FC8A3DA}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr_im.exe | 
"{9F9DCF56-5AB3-4A50-8F2A-87A588310CF9}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | 
"{A314A43C-2607-4AC5-AF79-D2A6BCA28CC1}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{B337D521-B51A-49EA-98C7-9858E577CB76}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{BF2A2B21-97B6-4580-9961-90374A82BC45}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{C72698AB-5314-4744-ADF0-8F3DCA6F25BB}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{E2C3EC65-0BC7-4A2C-B0FE-3445DB4F611D}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | 
"{E734D7CB-1E53-42F9-950E-A0AB3BFDFAAF}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | 
"{E9FE4AF2-E3DA-45A0-A6F9-56022ACA49E6}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe | 
"{F5B9CCAB-EAA1-468F-94A3-51B7E901E126}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | 
"{F73EF69F-978F-4BB1-9C41-B449AB7EF792}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{F99C6B20-ADF6-44C9-9686-4C96D8E2F8C8}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | 
"TCP Query User{16220A7E-BEA0-480E-BC75-B8067368F857}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{26186919-11B2-46A8-A85F-BE6063C40FCB}C:\users\nabhani\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\nabhani\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | 
"TCP Query User{304F2F86-3B7C-40FD-953B-0A57E7F23630}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{527F6113-C6F0-4005-B5BF-B50CECB22BCE}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"TCP Query User{9B99A96A-B840-4A8A-A947-1C504231B145}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 
"TCP Query User{A0B020E7-39E1-498B-9489-19E866ED83C6}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd | 
"TCP Query User{B69F187E-AA94-48E6-AB9F-3156AE1A2D78}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{B84DB42F-2E16-45E5-8062-3DDC6815D2DB}C:\program files\d-link\ap manager for dwl-2100ap\apmgr7xxx.exe" = protocol=6 | dir=in | app=c:\program files\d-link\ap manager for dwl-2100ap\apmgr7xxx.exe | 
"TCP Query User{D5CB2775-1B4C-4CDF-8602-FDEA8CDF091A}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{F52253E5-0765-4586-89B0-521B74CB3211}C:\program files\zattoo\zattoo.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{0AD4DE33-189B-498E-B91F-6A1BB7998037}C:\program files\zattoo\zattoo.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo.exe | 
"UDP Query User{0D99213D-7615-4C92-ACB8-6C1E12EACADF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{11F8C5F9-2791-4BFB-A378-12D88B4218AF}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{346ABFAB-C58D-422F-988F-9BCC63AEE2B9}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
"UDP Query User{504D8F88-DDB2-4FE1-A13F-F4B6E8EF3EC7}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd | 
"UDP Query User{60D28243-5121-43B5-89CC-3DC960DA2394}C:\users\nabhani\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\nabhani\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | 
"UDP Query User{6EDA1AE5-11EB-469F-92B6-09E8CC4AA3EC}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{8AE96C01-8BD8-469B-879A-B52CFA16D646}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{9FC00CD0-B55B-408B-973D-F5F923C1799E}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"UDP Query User{F0A94C58-DFD7-4E71-8E21-ABCE865301CF}C:\program files\d-link\ap manager for dwl-2100ap\apmgr7xxx.exe" = protocol=17 | dir=in | app=c:\program files\d-link\ap manager for dwl-2100ap\apmgr7xxx.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office 5.0.36
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{018FE763-ECD9-577B-05D5-3A67364FBAAA}" = Catalyst Control Center Localization Hungarian
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5000
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0749E1E5-BD6B-474C-BD21-48891526113E}" = MAGIX Music Maker 17 Download-Version
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{080FE95E-5A89-4A54-BAAA-D769971B7C2D}" = Corel Home Office 5.0.36
"{1252B4EB-51F1-F349-6D79-954D877FB865}" = Catalyst Control Center Localization Swedish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution II
"{14F91018-2A76-725D-056C-ECFF03F40F54}" = CCC Help Swedish
"{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}" = Nokia Connectivity Cable Driver
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F7A2A3A-B874-1E81-D291-A5ACB452F23F}" = CCC Help Italian
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2433BAD7-453F-473D-BE81-455E68940DEB}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{28A78C92-AC8C-DA80-6100-99A3AC4C3911}" = CCC Help Turkish
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{300DFCBA-348B-4FD6-AE50-1D3CDFEE6314}" = MAGIX Speed burnR (MSI)
"{303A3978-8F11-DAAB-6F72-3D399477CC31}" = Catalyst Control Center Localization Chinese Standard
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{38B10B3D-CDBE-4560-BA5A-A6C33D1B6802}" = Sequencher 4.10.1 Demo
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4890127D-D62F-C496-9EFF-89FC910ABFE5}" = Catalyst Control Center Localization Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C82121C-EB17-CEB0-996B-4D73FA0FAB47}" = Catalyst Control Center Graphics Light
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}" = Cisco Systems VPN Client 5.0.04.0300
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5466620C-3B00-0BEE-D626-1FBE29A16AC4}" = Catalyst Control Center Localization Russian
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{5508C9EB-5336-87F4-C2DB-53F2B3A482E7}" = Catalyst Control Center Graphics Previews Vista
"{5611C71F-AFC6-EBA3-E3E1-9FCCEC9647EE}" = ccc-core-static
"{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}" = Nokia PC Suite
"{5D7D1784-84A9-0EDB-62A6-D479F7F75DF6}" = CCC Help Chinese Traditional
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62172AFD-E7F0-CAC1-1334-CB0159566F6C}" = Catalyst Control Center Localization Greek
"{65A0F799-1E9A-093B-BB8B-986203DAD390}" = Catalyst Control Center Core Implementation
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67B41BEF-F407-D81D-762F-CC44CC6FEB7A}" = Catalyst Control Center Localization Italian
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6DFBD0A2-C692-44F5-1C96-773ED9B16002}" = Catalyst Control Center Graphics Full Existing
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{768361B2-F78F-FFAA-5B1F-EFDB41C70D95}" = CCC Help French
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A98B8DF-687E-8F7F-9A4A-ED1D9B306EAF}" = CCC Help Russian
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{818F922E-DE7A-6FC1-D85C-C44495070174}" = Catalyst Control Center Localization Dutch
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{8DB12734-9543-FBB3-E94D-3BE397ED8078}" = Catalyst Control Center Localization Japanese
"{9001B8A7-B591-7559-2264-B4A0F480D1A8}" = CCC Help Polish
"{905DF41F-D74C-6DF4-9453-D29CDE46A4A4}" = CCC Help Finnish
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{92041735-0623-CD56-9BCB-6CD4385232B0}" = CCC Help Thai
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{96A1E845-A730-4488-99A2-054C5BFAB9D1}" = CCC Help Greek
"{97EE277B-C0D9-6394-9A01-7681086EED5C}" = Catalyst Control Center Localization Portuguese
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{99F9ACB2-BCD2-B5A7-7738-24FB0B7B7763}" = ccc-utility
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DCC214C-CD1A-1115-6775-A9056185FE4E}" = ATI Catalyst Install Manager
"{9F06F30E-5138-2315-EC57-D4A23D572649}" = CCC Help Portuguese
"{A3D22413-28D3-636E-1CE9-BC55C46364C3}" = Catalyst Control Center Graphics Full New
"{A53EA764-AB97-445E-002B-A32165BB0B3B}" = CCC Help Dutch
"{A586A89F-2BC4-CEB3-3C52-D1F4B57F572F}" = Catalyst Control Center Localization Turkish
"{A5EF9152-55CC-DF0E-AEDA-98D20EC3293E}" = CCC Help Japanese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A952B4E1-913A-1492-A551-43EAE1D44E1D}" = Catalyst Control Center Localization Chinese Traditional
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0524CD7-2B3F-50C1-B3AD-87457B7FF852}" = Catalyst Control Center Localization Spanish
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B395BC1D-CC06-425E-9049-4CD985EFF004}" = LightScribe  1.8.15.1
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C359699C-2D0A-5F08-9C44-4C1A508C4990}" = CCC Help Hungarian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint 2.0
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDA83283-8D9F-321F-5C76-AF68D3039B87}" = Catalyst Control Center Localization Czech
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1C099EA-C28C-6593-8CE1-38F63EBD22F4}" = CCC Help Korean
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{D885CD8B-343B-271D-85EB-DFE5BE962C0D}" = Catalyst Control Center Localization Norwegian
"{DDDA0B2B-674E-A49F-6E31-184F00BDDC85}" = CCC Help Czech
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}" = MAGIX Screenshare
"{E2430405-1983-852E-B297-4FF9207E6C16}" = CCC Help German
"{E596EC1C-4C61-2457-21B3-EDDA326E8157}" = CCC Help English
"{E64D1146-55AE-61E3-7C43-0DA16C0E4416}" = CCC Help Spanish
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED924786-EFE7-392D-F37C-64F4B6E19C2F}" = CCC Help Danish
"{EE174D9D-EF64-9FC7-C900-57C64F02E80D}" = Catalyst Control Center Localization Danish
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{EFF43C31-5F5A-574E-563C-68190FA13F0C}" = CCC Help Chinese Standard
"{F023B88F-DD32-8C85-F372-5319180597A5}" = Catalyst Control Center Localization Thai
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2912763-486E-B5D1-D0C6-BD1AE24D0C20}" = Catalyst Control Center Localization Korean
"{F2D65205-A1D0-5B53-4399-8AA39F738D9D}" = CCC Help Norwegian
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F4ECB8B5-737F-6910-C26F-7DA94A2C0710}" = Catalyst Control Center Localization Finnish
"{F59778FB-4F31-0ADE-84C3-D7D77676A1A5}" = Catalyst Control Center Localization French
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FAAE0782-8073-112D-BC19-12C64A2D90D9}" = Skins
"{FAC15A44-64C7-1908-CC36-83BC9A308EA9}" = Catalyst Control Center Localization German
"{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"5986551A16FD8E9B1B4C89E7AAD17C1BB3196D28" = Windows-Treiberpaket - Nokia Modem  (10/27/2008 7.01.0.1)
"6D296974BAB6CA8429D5E687B292A6DA3E9FBD4A" = Windows-Treiberpaket - Nokia Modem  (10/27/2008 3.9)
"7-Zip" = 7-Zip 4.65
"AC3Filter" = AC3Filter (remove only)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AmazingMIDI" = AmazingMIDI
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"BittorrentBar_DE Toolbar" = BittorrentBar_DE Toolbar
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch
"EPSON SX100 Series" = Druckerdeinstallation für EPSON SX100 Series
"FLV Desktop Player" = FLV Desktop Player
"foldit" = foldit
"FormatFactory" = FormatFactory 2.30
"Google Chrome" = Google Chrome
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Handbook of Stem Cells" = Handbook of Stem Cells
"ICQToolbar" = ICQ Toolbar
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{FD53302C-8E7B-4730-8AD8-86A889BDBFAB}" = AVStation Now
"IrfanView" = IrfanView (remove only)
"MAGIX_MSI_mm17" = MAGIX Music Maker 17 Download-Version
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Nokia PC Suite" = Nokia PC Suite
"pSluK1RaeX" = Primawega Contextual Ad Plugin
"R for Windows 2.8.1_is1" = R for Windows 2.8.1
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuxGuitar_0" = TuxGuitar 1.2
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Zattoo" = Zattoo 3.3.4 Beta
"Zattoo4" = Zattoo4 4.0.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape Streaming Services" = Octoshape Streaming Services
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 02.07.2010 04:15:33 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:33 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:34 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:34 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:37 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:37 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:37 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:37 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:38 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 02.07.2010 04:15:38 | Computer Name = Nabhani-PC | Source = Windows Search Service | ID = 3013
Description = 
 
[ System Events ]
Error - 14.11.2009 04:21:29 | Computer Name = Nabhani-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 14.11.2009 09:10:46 | Computer Name = Nabhani-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 14.11.2009 09:12:13 | Computer Name = Nabhani-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 14.11.2009 09:12:24 | Computer Name = Nabhani-PC | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die Netzwerkkarte mit der Netzwerkadresse 001B9EE4BB3F zugeteilt werden. Der
 folgende Fehler ist aufgetreten:   %%121. Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
Error - 14.11.2009 16:36:05 | Computer Name = Nabhani-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 14.11.2009 16:37:38 | Computer Name = Nabhani-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 14.11.2009 20:29:40 | Computer Name = Nabhani-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 14.11.2009 20:31:16 | Computer Name = Nabhani-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 14.11.2009 22:01:56 | Computer Name = Nabhani-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 15.11.2009 06:23:01 | Computer Name = Nabhani-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 15.11.2009 um 03:58:43 unerwartet heruntergefahren.
 
 
< End of report >
--- --- ---


OTL:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 19.04.2011 00:38:22 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\**\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,88 Gb Total Space | 40,73 Gb Free Space | 39,59% Space Free | Partition Type: NTFS
Drive D: | 120,00 Gb Total Space | 88,50 Gb Free Space | 73,75% Space Free | Partition Type: NTFS
 
Computer Name: ** | User Name: ** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\**\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\42983176.exe ()
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe ()
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe ()
PRC - C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.)
PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Common Files\Marmiko Shared\MWLaMaS.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\**\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (Samsung Update Plus) -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (VMC302) -- C:\Windows\System32\drivers\vmc302.sys (Vimicro Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NETw2v32) Intel(R) -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (MTOnlPktAlyX) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - prefs.js..network.proxy.backup.ftp: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "hxxp://www.uni-duesseldorf.de/"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "hxxp://www.uni-duesseldorf.de/WWW/Proxy/"
FF - prefs.js..network.proxy.ssl_port: 8080
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.05.10 16:36:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.26 17:18:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.26 17:18:31 | 000,000,000 | ---D | M]
 
[2010.05.03 18:37:37 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Extensions
[2009.08.19 10:35:30 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011.04.18 20:47:40 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\jgx7h8l1.default\extensions
[2010.10.29 22:24:30 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nabhani\AppData\Roaming\mozilla\Firefox\Profiles\jgx7h8l1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.05 20:06:40 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\**\AppData\Roaming\mozilla\Firefox\Profiles\jgx7h8l1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.13 18:48:24 | 000,001,056 | -H-- | M] () -- C:\Users\**\AppData\Roaming\Mozilla\Firefox\Profiles\jgx7h8l1.default\searchplugins\icqplugin.xml
[2011.04.05 20:06:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.09 11:11:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.08 13:09:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.15 20:40:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.05.09 11:11:06 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.08 13:09:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.15 20:40:30 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.08.08 13:08:59 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} -  File not found
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Programme\BittorrentBar_DE\tbBitt.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Iqogejabiveb] C:\Users\**\AppData\Local\sDazc9.dll (Acronis)
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Nabhani\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Oxujixezibecer] C:\Users\Nabhani\AppData\Local\igetehobekey.dll (Adaptec, Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [PFmPbJoHGuT] C:\ProgramData\PFmPbJoHGuT.exe (BitSprx)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoHotStart = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Programme\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7220d335-5b35-11df-aa4d-a9ad95032af5}\Shell - "" = AutoRun
O33 - MountPoints2\{7220d335-5b35-11df-aa4d-a9ad95032af5}\Shell\AutoRun\command - "" = F:\NPSAI.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.19 00:37:14 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Nabhani\Desktop\OTL.exe
[2011.04.18 23:49:58 | 000,000,000 | -H-D | C] -- C:\Users\**\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.04.18 23:45:57 | 000,000,000 | -H-D | C] -- C:\Users\**\AppData\Local\{14306FDD-1997-4894-956D-D62B0A7F0B46}
[2011.04.18 23:44:13 | 000,569,344 | -H-- | C] (BitSprx) -- C:\ProgramData\PFmPbJoHGuT.exe
[2011.04.17 16:37:56 | 000,000,000 | -H-D | C] -- C:\Users\**\Desktop\niggy2
[2011.04.17 16:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIKSOFT
[2011.04.17 16:13:08 | 000,000,000 | ---D | C] -- C:\Programme\MIKSOFT
[2011.04.17 14:36:09 | 000,000,000 | -H-D | C] -- C:\Users\**\Desktop\niggy
[2011.04.14 00:26:00 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.14 00:26:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.14 00:25:52 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.14 00:25:52 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.14 00:25:52 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.14 00:25:52 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.14 00:25:52 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.14 00:25:52 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.14 00:25:52 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.14 00:25:52 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.14 00:25:52 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.14 00:25:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.14 00:25:51 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.14 00:25:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.14 00:25:51 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.14 00:25:51 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.14 00:25:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.14 00:25:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.14 00:25:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.14 00:25:45 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.14 00:25:44 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.14 00:25:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.14 00:25:36 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.14 00:25:30 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.14 00:25:29 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.11 22:28:15 | 000,000,000 | -H-D | C] -- C:\Users\**\Desktop\ggbgg
[2011.04.11 22:15:21 | 000,000,000 | -H-D | C] -- C:\Users\**\Desktop\Neuer Ordner
[2011.04.05 20:07:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.04.05 20:05:39 | 000,000,000 | -H-D | C] -- C:\Programme\ICQ7.4
[2008.12.25 14:23:25 | 000,282,624 | -H-- | C] (Adaptec, Inc.) -- C:\Users\Nabhani\AppData\Local\igetehobekey.dll
[2008.12.25 14:23:25 | 000,093,184 | -H-- | C] (Acronis) -- C:\Users\Nabhani\AppData\Local\sDazc9.dll
[2006.11.24 07:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006.11.24 07:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll
[33 C:\Users\Nabhani\Desktop\*.tmp files -> C:\Users\Nabhani\Desktop\*.tmp -> ]
[1 C:\Users\Nabhani\*.tmp files -> C:\Users\Nabhani\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.19 00:40:40 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B4016E64-E903-4B4E-9F7D-47B4F6A0A743}.job
[2011.04.19 00:37:15 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\**\Desktop\OTL.exe
[2011.04.19 00:19:04 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.19 00:13:25 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.19 00:13:25 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.19 00:13:07 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.19 00:12:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.19 00:12:46 | 3219,308,544 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.19 00:09:44 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.04.19 00:07:57 | 000,487,424 | ---- | M] () -- C:\ProgramData\42983176.exe
[2011.04.19 00:01:08 | 000,000,000 | -H-- | M] () -- C:\Users\**\AppData\Local\Bqopetiyogovit.bin
[2011.04.18 23:52:42 | 000,000,392 | -H-- | M] () -- C:\ProgramData\42983176
[2011.04.18 23:50:23 | 000,000,583 | -H-- | M] () -- C:\Users\**\Desktop\Windows Recovery.lnk
[2011.04.18 23:50:03 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~42983176
[2011.04.18 23:50:00 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~42983176r
[2011.04.18 23:45:59 | 000,000,120 | -H-- | M] () -- C:\Users\Nabhani\AppData\Local\Hyipog.dat
[2011.04.18 23:44:13 | 000,569,344 | -H-- | M] (BitSprx) -- C:\ProgramData\PFmPbJoHGuT.exe
[2011.04.17 17:35:16 | 029,458,476 | -H-- | M] () -- C:\Users\**\Desktop\ygg3.wav
[2011.04.17 16:39:54 | 007,645,227 | -H-- | M] () -- C:\Users\**\Desktop\niggy.zip
[2011.04.17 16:13:06 | 000,651,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.17 16:13:05 | 000,696,626 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.17 16:13:05 | 000,155,102 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.17 16:13:05 | 000,126,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.17 14:30:54 | 000,000,900 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2011.04.17 01:25:35 | 000,012,800 | -H-- | M] () -- C:\Users\Nabhani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.15 23:23:59 | 237,000,886 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.15 19:42:51 | 052,494,380 | -H-- | M] () -- C:\Users\**\Desktop\takeitall9 ygg2.wav
[2011.04.15 16:58:31 | 000,483,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.11 22:19:20 | 000,115,677 | -H-- | M] () -- C:\Users\**\Desktop\DSCF0166.JPG
[2011.04.08 22:46:22 | 000,125,713 | -H-- | M] () -- C:\Users\**\Desktop\asasas.jpg
[2011.04.08 22:44:52 | 004,977,430 | -H-- | M] () -- C:\Users\**\Desktop\DSCF0197.JPG
[2011.04.06 19:46:15 | 000,000,567 | -H-- | M] () -- C:\Users\**\Desktop\Trainingsplan.lnk
[2011.04.03 23:09:49 | 000,110,865 | -H-- | M] () -- C:\Users\**\Desktop\goldring.jpg
[2011.04.03 11:22:17 | 000,015,044 | -H-- | M] () -- C:\Users\**\Desktop\flaw.mid
[2011.04.03 11:20:46 | 000,004,589 | -H-- | M] () -- C:\Users\**\Desktop\flaw.tg
[2011.03.25 01:20:31 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[33 C:\Users\Nabhani\Desktop\*.tmp files -> C:\Users\Nabhani\Desktop\*.tmp -> ]
[1 C:\Users\Nabhani\*.tmp files -> C:\Users\Nabhani\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.19 00:07:56 | 000,487,424 | ---- | C] () -- C:\ProgramData\42983176.exe
[2011.04.18 23:50:23 | 000,000,583 | -H-- | C] () -- C:\Users\Nabhani\Desktop\Windows Recovery.lnk
[2011.04.18 23:50:00 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~42983176
[2011.04.18 23:50:00 | 000,000,152 | -H-- | C] () -- C:\ProgramData\~42983176r
[2011.04.18 23:49:32 | 000,000,392 | -H-- | C] () -- C:\ProgramData\42983176
[2011.04.18 23:45:59 | 000,000,120 | -H-- | C] () -- C:\Users\**\AppData\Local\Hyipog.dat
[2011.04.18 23:45:59 | 000,000,000 | -H-- | C] () -- C:\Users\**\AppData\Local\Bqopetiyogovit.bin
[2011.04.17 17:35:10 | 029,458,476 | -H-- | C] () -- C:\Users\**\Desktop\ygg3.wav
[2011.04.17 16:39:51 | 007,645,227 | -H-- | C] () -- C:\Users\**\Desktop\niggy.zip
[2011.04.15 19:42:40 | 052,494,380 | -H-- | C] () -- C:\Users\**\Desktop\takeitall9 ygg2.wav
[2011.04.11 22:16:30 | 000,115,677 | -H-- | C] () -- C:\Users\**\Desktop\DSCF0166.JPG
[2011.04.11 22:16:24 | 005,026,355 | -H-- | C] () -- C:\Users\**\Desktop\DSCF0172.JPG
[2011.04.08 22:46:21 | 000,125,713 | -H-- | C] () -- C:\Users\**\Desktop\asasas.jpg
[2011.04.08 22:45:17 | 004,977,430 | -H-- | C] () -- C:\Users\**\Desktop\DSCF0197.JPG
[2011.04.08 22:45:17 | 004,861,271 | -H-- | C] () -- C:\Users\**\Desktop\DSCF0198.JPG
[2011.04.04 21:16:09 | 000,000,567 | -H-- | C] () -- C:\Users\**\Desktop\Trainingsplan.lnk
[2011.04.03 23:09:49 | 000,110,865 | -H-- | C] () -- C:\Users\**\Desktop\goldring.jpg
[2011.04.03 11:22:16 | 000,015,044 | -H-- | C] () -- C:\Users\**\Desktop\flaw.mid
[2011.04.03 11:20:45 | 000,004,589 | -H-- | C] () -- C:\Users\**\Desktop\flaw.tg
[2010.11.17 22:56:13 | 000,000,680 | -H-- | C] () -- C:\Users\**\AppData\Local\d3d9caps.dat
[2010.11.06 18:49:12 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2010.11.06 18:46:03 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.11.06 18:27:49 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.09.27 00:21:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.06.18 12:40:40 | 000,017,408 | -H-- | C] () -- C:\Users\**\AppData\Local\WebpageIcons.db
[2009.09.29 22:42:52 | 000,116,918 | ---- | C] () -- C:\Windows\System32\pSluK1RaeX.exe
[2009.09.14 09:52:28 | 000,167,936 | ---- | C] () -- C:\Windows\A5.dll
[2009.09.14 09:52:28 | 000,045,056 | ---- | C] () -- C:\Windows\GetKey5.dll
[2009.05.10 21:08:59 | 000,000,020 | ---- | C] () -- C:\Windows\crackpdf.INI
[2009.05.10 13:30:38 | 000,000,095 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2009.04.13 15:28:13 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.25 13:09:02 | 000,024,206 | -H-- | C] () -- C:\Users\Nabhani\AppData\Roaming\UserTile.png
[2009.01.24 13:27:03 | 000,003,191 | ---- | C] () -- C:\Windows\System32\dmlg.dat
[2009.01.16 17:24:13 | 000,012,800 | -H-- | C] () -- C:\Users\**\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.02 04:01:31 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.01.02 04:01:31 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.12.23 19:56:40 | 000,000,900 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008.12.23 15:59:27 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008.12.23 15:59:27 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008.12.23 15:59:27 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008.12.23 15:59:27 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008.12.23 15:59:27 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008.12.23 15:59:27 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008.12.23 15:59:27 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008.12.23 15:59:27 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008.12.23 15:59:27 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008.12.23 15:59:27 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008.12.23 15:59:27 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008.12.23 15:59:27 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008.12.23 15:59:27 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008.12.23 15:59:27 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008.12.23 15:59:27 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008.12.23 15:59:27 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008.12.23 15:59:27 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008.12.23 15:59:27 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008.12.23 15:59:27 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.12.23 15:54:40 | 000,000,025 | ---- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2008.12.22 23:06:24 | 000,000,095 | -H-- | C] () -- C:\Users\**\AppData\Local\fusioncache.dat
[2008.08.29 13:58:26 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2008.04.16 03:27:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.04.16 03:14:56 | 000,221,184 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2008.04.16 01:44:48 | 000,004,512 | ---- | C] () -- C:\Windows\HotFixList.ini
[2008.04.16 01:37:29 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini
[2008.04.16 01:37:29 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini
[2008.04.16 01:11:51 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IhDEV.exe
[2008.04.16 01:11:51 | 000,024,576 | ---- | C] () -- C:\Windows\System32\IhINF.exe
[2008.04.16 01:00:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.04.15 07:48:13 | 000,696,626 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.15 07:48:13 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.15 07:48:13 | 000,155,102 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.15 07:48:13 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.15 07:40:46 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.04.15 07:40:40 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.04.15 07:40:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.04.15 07:40:39 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.04.15 07:40:39 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.04.24 11:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.03.29 22:00:40 | 000,203,264 | ---- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007.02.26 09:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\System32\imagine digital freedom.dat
[2007.02.15 09:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll
[2006.11.29 10:00:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\MAWebControl.exe
[2006.11.29 10:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll
[2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,483,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,651,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,126,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.09 03:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll
[2001.11.14 06:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\Nabhani\Documents\ film2_02.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Nabhani\Documents\bestdivx-vcb.avi:TOC.WMV

< End of report >
--- --- ---
Geändert von Larusso (23.04.2011 um 23:44 Uhr)

 

Themen zu TR\Kazy.mekml.1 wieder
0x00000001, 7-zip, alternate, audacity, avgntflt.sys, avira, bho, browser, browser.exe, error, fehler, flash player, format, google, google chrome, google earth, home, iexplore.exe, install.exe, kazy.mekml.1, limewire, location, logfile, microsoft office 2003, mozilla, office 2007, oldtimer, otl.exe, plug-in, realtek, registry, rundll, saver, scan, sched.exe, schwarzer hintergrund, searchplugins, security, security scan, server, shell32.dll, software, start menu, studio, svchost.exe, tcp, torrent.exe, udp, vista, wlan


« Kazy.mekml.1 - im abgesicherter Modus Blue Screen - | Der Kazy.mekml.1 Trojaner »


Ähnliche Themen: TR\Kazy.mekml.1 wieder


  1. Nach Befall von TR/Kazy.mekml.1 alles wieder sauber?
    Log-Analyse und Auswertung - 27.05.2011 (59)
  2. tr/kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 17.05.2011 (5)
  3. TR/Kazy.mekml.1 ; 'TR/FakeSysdef.A.621 ; 'TR/Kazy.22847'..
    Log-Analyse und Auswertung - 15.05.2011 (33)
  4. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 10.05.2011 (17)
  5. TR/Kazy.mekml.1 --> ist wirklich alles wieder in ordnung?
    Log-Analyse und Auswertung - 05.05.2011 (16)
  6. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 04.05.2011 (1)
  7. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 01.05.2011 (10)
  8. Kazy/mekml.1
    Log-Analyse und Auswertung - 30.04.2011 (44)
  9. TR/Kazy.mekml.1_windowsXP_wie krieg ich den PC wieder i.O.?
    Log-Analyse und Auswertung - 30.04.2011 (3)
  10. TR/Kazy.mekml.1 wieder einmal
    Plagegeister aller Art und deren Bekämpfung - 28.04.2011 (4)
  11. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 26.04.2011 (3)
  12. Wieder TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 25.04.2011 (5)
  13. Wie krieg ich den Trojaner "kazy.mekml.1" wieder weg???
    Plagegeister aller Art und deren Bekämpfung - 25.04.2011 (1)
  14. Osterei: TR/Kazy.mekml.1 und TR/Kazy.20364
    Log-Analyse und Auswertung - 25.04.2011 (1)
  15. tr kazy.mekml.1 - dateien wieder sichtbar machen
    Plagegeister aller Art und deren Bekämpfung - 23.04.2011 (9)
  16. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 19.04.2011 (28)
  17. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 18.04.2011 (26)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR\Kazy.mekml.1 wieder - nabnd die runde. habe mich soeben hier registriert, da ich mir leider TR\Kazy.mekml.1 eingefangen habe. Hoffe somit, dass mir hier geholfen werden kann. wäre euch wirklich sehr verbunden. symptome sind - TR\Kazy.mekml.1 wieder...

Alle Zeitangaben in WEZ +1. Es ist jetzt 13:37 Uhr.

Kontakt - Trojaner-Board - Archiv - Datenschutzerklärung - Nach oben

Copyright ©2000-2025, Trojaner-Board
Archiv
Du betrachtest: TR\Kazy.mekml.1 wieder auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55