| |
| |||||||
Log-Analyse und Auswertung: TR/Kazy.mekl.1 ebendfalls bei mir...Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
| |
27.04.2011, 15:43
| #1 |
| |  TR/Kazy.mekl.1 ebendfalls bei mir... Moin, habe ein Problem mit dem oben genannten "trojaner". habe bei lesen hier schon mal das anti malware programm runtergeladen und durch laufen lassen, hoffe ihr könnt mir weiterhelfen. meine daten sind alle scheinbar weg, und mein desktop ist schwarz die verknüpfungen sind aber noch da und sonst kann ich eigentlich auch alles benutzen.. denke ich, aber ich hab von sowas ehrlich gesagt kaum ahnung..^^ vielen dank im vorraus  mbam-log: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6456 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 27.04.2011 15:44:53 mbam-log-2011-04-27 (15-44-53).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|) Durchsuchte Objekte: 205911 Laufzeit: 46 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 1 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 2 Infizierte Speicherprozesse: c:\programdata\vkecjcxhfiqs.exe (Trojan.FakeAlert) -> 2980 -> Unloaded process successfully. Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vKECjCxHfiQS (Trojan.FakeAlert) -> Value: vKECjCxHfiQS -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\programdata\vkecjcxhfiqs.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\flo flo ramone\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\YPMHJV2R\contacts[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.04.2011 16:47:47 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Flo Flo Ramone\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.013,00 Mb Total Physical Memory | 272,00 Mb Available Physical Memory | 27,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 187,67 Gb Total Space | 153,62 Gb Free Space | 81,86% Space Free | Partition Type: NTFS Drive D: | 30,27 Gb Total Space | 29,32 Gb Free Space | 96,86% Space Free | Partition Type: NTFS Computer Name: FLO-FLO-NETBOOK | User Name: Flo Flo Ramone | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Flo Flo Ramone\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Programme\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Lenovo\VeriFace\PManage.exe (Lenovo) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\QSTART.SYS\config\DVMExportService.exe (DeviceVM, Inc.) PRC - C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) PRC - C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) PRC - C:\Programme\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.) PRC - C:\Programme\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\IgrsSvcs.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.) ========== Modules (SafeList) ========== MOD - C:\Users\Flo Flo Ramone\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (mfefire) -- File not found SRV - (McProxy) -- File not found SRV - (McNaiAnn) -- File not found SRV - (McMPFSvc) -- File not found SRV - (gusvc) -- File not found SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.) SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (DvmMDES) -- C:\QSTART.SYS\config\DVMExportService.exe (DeviceVM, Inc.) SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (Lenovo ReadyComm ConnSvc) -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited) SRV - (Lenovo ReadyComm AppSvc) -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited) SRV - (IGRS) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (ReadyComm.DirectRouter) -- C:\windows\System32\IgrsSvcs.exe (Microsoft Corporation) SRV - (PS_MDP) -- C:\windows\System32\IgrsSvcs.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.) DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.) DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.) DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.) DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation) DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation) DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation) DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation) DRV - (usbsmi) -- C:\Windows\System32\drivers\SMIksdrv.sys (SMI) DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (Bridge0) -- C:\Windows\System32\drivers\wdbridge.sys (Lenovo) DRV - (wsvd) -- C:\Windows\System32\drivers\wsvd.sys (CyberLink) DRV - (wdmirror) -- C:\Windows\System32\drivers\WDMirror.sys (Windows (R) Codename Longhorn DDK provider) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (k57nd60x) Broadcom NetLink (TM) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.) DRV - (ACPIVPC) -- C:\Windows\System32\drivers\AcpiVpc.sys (Lenovo Corporation) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ecosia.de/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.ecosia.de/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.06 17:01:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.06 17:01:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.22 18:05:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.22 18:05:15 | 000,000,000 | ---D | M] [2011.01.29 19:45:03 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Extensions [2011.04.07 18:14:27 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Firefox\Profiles\tktia2zf.default\extensions [2011.03.23 18:52:06 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Firefox\Profiles\tktia2zf.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.02.20 11:32:29 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Firefox\Profiles\tktia2zf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.02 07:09:39 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Firefox\Profiles\tktia2zf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.03.23 18:52:00 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Firefox\Profiles\tktia2zf.default\extensions\engine@conduit.com [2011.03.22 18:24:05 | 000,000,000 | -H-D | M] (startup.service) -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Firefox\Profiles\tktia2zf.default\extensions\startup.service@mozilla.com [2011.03.22 18:06:24 | 000,000,000 | -H-D | M] (GMX Toolbar) -- C:\Users\Flo Flo Ramone\AppData\Roaming\mozilla\Firefox\Profiles\tktia2zf.default\extensions\toolbar@gmx.net [2011.04.11 16:55:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.02.05 17:15:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.02.11 15:34:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.11 16:55:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.03.22 18:05:25 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions [2011.03.22 18:05:26 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net File not found (No name found) -- [2011.02.05 17:15:34 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.02.11 15:34:01 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.11 16:55:36 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} () (No name found) -- C:\USERS\FLO FLO RAMONE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TKTIA2ZF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.10.13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Programme\Mozilla Firefox\components\Scriptff.dll [2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - File not found O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [mcui_exe] File not found O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) O4 - HKLM..\Run: [VeriFaceManager] C:\Programme\Lenovo\VeriFace\PManage.exe (Lenovo) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Flo Flo Ramone\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.27 16:45:50 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Flo Flo Ramone\Desktop\OTL.exe [2011.04.27 14:55:13 | 000,000,000 | ---D | C] -- C:\Users\Flo Flo Ramone\AppData\Roaming\Malwarebytes [2011.04.27 14:55:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011.04.27 14:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.27 14:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.27 14:54:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011.04.27 14:54:55 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.27 14:53:59 | 007,734,208 | -H-- | C] (Malwarebytes Corporation ) -- C:\Users\Flo Flo Ramone\Desktop\mbam-setup.exe [2011.04.27 14:49:52 | 007,734,208 | -H-- | C] (Malwarebytes Corporation ) -- C:\Users\Flo Flo Ramone\Desktop\mbam-setup-1.50.1.1100.exe [2011.04.27 14:40:52 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{71C2449E-9816-43F5-86BA-DBC52B3409A8} [2011.04.26 15:29:39 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{2001464D-8DFB-49E4-B97D-4897F40A6EC7} [2011.04.25 14:39:29 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{6A8A8F46-7BF3-42A8-ADF8-8C6E98E911C4} [2011.04.22 12:36:59 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{3D625D83-CB72-446D-9A86-1BFA2E04520F} [2011.04.21 16:10:45 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{F0C2340F-A1E8-4506-9D6E-598C3694D792} [2011.04.20 16:42:52 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{2EB022ED-D4A7-4005-ACF5-16F37502B14C} [2011.04.19 17:32:58 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{2331726E-14A5-4CA3-98DD-FAE8828CBD38} [2011.04.18 15:58:43 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{97491A5C-711E-4049-9F05-6D7CEF2E3543} [2011.04.17 12:43:43 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{941B621B-2CDC-44E0-AF40-801873907EDB} [2011.04.16 15:24:14 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{8A100CB3-167F-4339-B302-F395407F7321} [2011.04.15 14:39:44 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{54074EE4-2310-4931-A4F0-68B070372C7C} [2011.04.14 16:49:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll [2011.04.14 16:49:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll [2011.04.14 16:49:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe [2011.04.14 16:49:32 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2011.04.14 16:49:31 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2011.04.14 16:49:08 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2011.04.14 16:49:08 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2011.04.14 16:49:07 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2011.04.14 16:49:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2011.04.14 16:49:06 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2011.04.14 16:49:06 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2011.04.14 16:49:06 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2011.04.14 16:49:05 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2011.04.14 16:49:05 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2011.04.14 16:49:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2011.04.14 16:49:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2011.04.14 16:48:40 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2011.04.14 16:48:38 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSCOVER.exe [2011.04.14 16:48:37 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll [2011.04.14 16:48:33 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll [2011.04.14 16:48:32 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll [2011.04.14 16:42:44 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{BAD9EFBE-CEB5-4F8F-93B6-D409F1555122} [2011.04.14 16:34:02 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{310C11CB-C956-4DC1-AECD-5DB1E1CE00AD} [2011.04.13 19:18:22 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{A3F0C56E-E584-46DC-BDEC-A3D73A76F432} [2011.04.12 16:47:51 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{8AA575C3-E49F-4C60-92D3-F18F5B3EA96F} [2011.04.11 16:55:50 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2011.04.11 16:55:31 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe [2011.04.11 16:55:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe [2011.04.11 16:55:31 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe [2011.04.11 16:48:55 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{27D76EBB-B3AE-4B87-B53D-C9A12A6F13B6} [2011.04.10 16:07:31 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{C7D734BB-0299-4960-A4F7-D3F32C2326B5} [2011.04.09 09:34:39 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{3D8715E9-B7CA-46E8-A573-F89A9876F849} [2011.04.08 13:49:56 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{69B68B95-B42B-4266-AC0F-6A414C512B1D} [2011.04.07 17:21:40 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{6904C9A0-3C9B-4744-A46A-B6891AAC3B55} [2011.04.06 17:32:42 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{E11EE782-7502-4AC9-B018-909ED51CF14D} [2011.04.05 17:26:47 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{18521FC1-2799-4653-B10B-6C36D1780023} [2011.04.04 20:29:20 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{7D894C0C-8514-4D48-A6D9-C53FC5AF82ED} [2011.04.03 12:30:53 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{07294B17-7FCA-4500-A1E8-1FFAFE318A09} [2011.04.02 07:09:05 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{4E4C5F9E-D1CD-4D11-8271-9F673F0D1CD1} [2011.04.01 13:45:36 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{3B140E22-4451-4825-A216-6E9556E36D17} [2011.03.31 16:07:52 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{C0D44180-C6A7-4E4F-B01F-E864C81B2C07} [2011.03.30 17:09:58 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{9BAC923E-27F0-4809-A0DD-C6D9B3F0E35A} [2011.03.29 16:58:27 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{E09E516C-67B1-4B6F-9D5C-8934E4CCDE11} [2011.03.28 16:52:26 | 000,000,000 | -H-D | C] -- C:\Users\Flo Flo Ramone\AppData\Local\{561A23C6-3EAD-4A25-B281-2D34576BE90A} ========== Files - Modified Within 30 Days ========== [2011.04.27 16:45:52 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Flo Flo Ramone\Desktop\OTL.exe [2011.04.27 16:33:56 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx [2011.04.27 16:01:10 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.27 16:01:10 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.27 15:57:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat [2011.04.27 15:57:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011.04.27 15:57:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat [2011.04.27 15:57:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011.04.27 15:53:13 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011.04.27 15:53:00 | 796,987,392 | -HS- | M] () -- C:\hiberfil.sys [2011.04.27 15:23:53 | 000,504,657 | ---- | M] () -- C:\Users\Flo Flo Ramone\Desktop\unhide.exe [2011.04.27 14:55:05 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.27 14:54:02 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Flo Flo Ramone\Desktop\mbam-setup.exe [2011.04.27 14:49:53 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Flo Flo Ramone\Desktop\mbam-setup-1.50.1.1100.exe [2011.04.15 14:37:06 | 000,280,472 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== Extras: OTL Extras logfile created on: 27.04.2011 16:47:47 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Flo Flo Ramone\Desktop Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.013,00 Mb Total Physical Memory | 272,00 Mb Available Physical Memory | 27,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 187,67 Gb Total Space | 153,62 Gb Free Space | 81,86% Space Free | Partition Type: NTFS Drive D: | 30,27 Gb Total Space | 29,32 Gb Free Space | 96,86% Space Free | Partition Type: NTFS Computer Name: FLO-FLO-NETBOOK | User Name: Flo Flo Ramone | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources "{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion "{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5 "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24 "{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{357B11ED-5417-4CF3-8EB2-386299BC30E0}" = Lenovo Quick Start "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = Lenovo EasyCamera "755087041320E005CB1E8A67C5C55A260EB81B90" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) "A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "DivX Setup.divx.com" = DivX-Setup "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.34.305 "HDMI" = Intel(R) Graphics Media Accelerator Driver "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McAfee Virtual Technician" = McAfee Virtual Technician "Messenger Plus!" = Messenger Plus! 5 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de) "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Picasa 3" = Picasa 3 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Uninstall_is1" = Uninstall 1.0.0.1 "VeriFace" = VeriFace "WinLiveSuite" = Windows Live Essentials ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 10.04.2011 15:13:27 | Computer Name = Flo-Flo-Netbook | Source = Application Hang | ID = 1002 Description = Programm msnmsgr.exe, Version 15.4.3508.1109 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 8fc Startzeit: 01cbf78878bf855e Endzeit: 250 Anwendungspfad: C:\Program Files\Windows Live\Messenger\msnmsgr.exe Berichts-ID: 99b35072-63a6-11e0-93b6-60eb694eb188 Error - 11.04.2011 12:59:25 | Computer Name = Flo-Flo-Netbook | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\silicon motion\lenovo easycamera\driverpackage\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 11.04.2011 12:59:40 | Computer Name = Flo-Flo-Netbook | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax. Error - 14.04.2011 10:20:57 | Computer Name = Flo-Flo-Netbook | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. Error - 18.04.2011 12:33:41 | Computer Name = Flo-Flo-Netbook | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\silicon motion\lenovo easycamera\driverpackage\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 18.04.2011 12:33:50 | Computer Name = Flo-Flo-Netbook | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax. Error - 22.04.2011 07:31:36 | Computer Name = Flo-Flo-Netbook | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\silicon motion\lenovo easycamera\driverpackage\DPInst64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 22.04.2011 07:31:52 | Computer Name = Flo-Flo-Netbook | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll" in Zeile 2. Ungültige XML-Syntax. Error - 25.04.2011 09:23:44 | Computer Name = Flo-Flo-Netbook | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. Error - 25.04.2011 15:24:17 | Computer Name = Flo-Flo-Netbook | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt. [ System Events ] Error - 25.04.2011 08:40:55 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee VirusScan Announcer" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 25.04.2011 09:13:13 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7003 Description = Der Dienst "McAfee Validation Trust Protection Service" ist von folgendem Dienst abhängig: mfehidk. Dieser Dienst ist eventuell nicht installiert. Error - 25.04.2011 09:13:15 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7001 Description = Der Dienst "McAfee Firewall Core Service" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1075 Error - 25.04.2011 09:13:16 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7001 Description = Der Dienst "McAfee Personal Firewall-Dienst" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 25.04.2011 09:13:16 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7001 Description = Der Dienst "McAfee Proxy Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 25.04.2011 09:15:56 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee VirusScan Announcer" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 25.04.2011 15:11:33 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7003 Description = Der Dienst "McAfee Validation Trust Protection Service" ist von folgendem Dienst abhängig: mfehidk. Dieser Dienst ist eventuell nicht installiert. Error - 25.04.2011 15:11:36 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7001 Description = Der Dienst "McAfee Firewall Core Service" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1075 Error - 25.04.2011 15:11:41 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7001 Description = Der Dienst "McAfee Personal Firewall-Dienst" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 25.04.2011 15:11:41 | Computer Name = Flo-Flo-Netbook | Source = Service Control Manager | ID = 7001 Description = Der Dienst "McAfee Proxy Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 < End of report > Geändert von Flo-Flo (27.04.2011 um 16:03 Uhr) |
| Themen zu TR/Kazy.mekl.1 ebendfalls bei mir... |
| anti, anti-malware, appdata, avgntflt.sys, bösartige, conduit, dateien, daten, desktop, explorer, files, install.exe, laufen, lenovo, location, malware, mcafee firewall, microsoft, microsoft office starter 2010, minute, nicht gefunden, oldtimer, picasa, plug-in, problem, process, programm, richtlinie, saver, sched.exe, schei, schwarz, searchplugins, shell32.dll, software, start menu, taskhost.exe, temporary, tr/kazy, trojan.fakealert, trojaner, usb 2.0, value, verknüpfungen, version, webcheck |
Baum-Darstellung