Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: TR/Kazy.mekml.1 - was tun?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 11.05.2011, 03:01   #1
Baileys
 
TR/Kazy.mekml.1 - was tun? - Standard

TR/Kazy.mekml.1 - was tun?



Hallo zusammen,

ich bin neu hier und würde mich über eure Hilfe sehr freuen. Leider habe ich nicht sehr viel Ahnung. Habe aber schon ein bisschen gelesen und hoffe euch gleich die richtigen Informationen zu liefern. Habe gelesen, dass man Malwarebytes Logs und die OTL logs hier posten soll, habe dieses nun mal getan und hoffe es ist so richtig und ihr könnt mir helfen.

Malware - Log
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6551

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11.05.2011 04:18:17
mbam-log-2011-05-11 (04-18-17).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 156707
Laufzeit: 6 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 2
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
c:\programdata\kmsaskyhhcwx.exe (Rogue.Installer.Gen) -> 3176 -> Unloaded process successfully.

Infizierte Speichermodule:
c:\Users\Baileys\AppData\Local\ng4040.dll (Trojan.Hiloti) -> Delete on reboot.
c:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Trojan.Agent.U) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rparakuqeja (Trojan.Hiloti) -> Value: Rparakuqeja -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KMsAsKYhhcwX (Rogue.Installer.Gen) -> Value: KMsAsKYhhcwX -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ddomukacegala (Trojan.Agent.U) -> Value: Ddomukacegala -> Delete on reboot.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Baileys\AppData\Local\ng4040.dll (Trojan.Hiloti) -> Delete on reboot.
c:\programdata\kmsaskyhhcwx.exe (Rogue.Installer.Gen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\Temp\0.3172997837472512.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\Temp\tmp6775.tmp (Rogue.Installer.Gen) -> Delete on reboot.
c:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc217.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Trojan.Agent.U) -> Delete on reboot.
         
OTL-Log 1
Code:
ATTFilter
OTL logfile created on: 5/11/2011 4:20:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 107.30 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc1.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | -H-- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/11 02:51:39 | 000,000,000 | -H-D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [Ddomukacegala] C:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll (Conexant Systems Inc.)
O4 - HKCU..\Run: [Rparakuqeja] C:\Users\Baileys\AppData\Local\ng4040.dll (Voxware, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:13:31 | 000,258,048 | ---- | C] (Conexant Systems Inc.) -- C:\Users\Baileys\AppData\Local\eyisazukuyaseza.dll
[2011/04/27 16:13:31 | 000,118,784 | ---- | C] (Voxware, Inc.) -- C:\Users\Baileys\AppData\Local\ng4040.dll
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | -H-D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 04:19:03 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\xgfajcqn.sys
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | -H-- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/10 23:54:00 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/10 15:49:01 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 15:49:01 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/10 15:41:40 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/10 15:41:35 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/10 15:41:30 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | -H-- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 04:19:03 | 000,054,016 | ---- | C] () -- C:\windows\System32\drivers\xgfajcqn.sys
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | -H-- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | -H-- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/08 15:29:27 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/04/09 16:37:50 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/02/07 01:03:38 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/10 01:58:30 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/01/10 00:39:46 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/01/08 00:53:41 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/01/27 02:42:08 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/02/05 03:46:18 | 000,000,000 | -H-D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
OTL-Log 2
Code:
ATTFilter
OTL Extras logfile created on: 5/11/2011 4:20:15 AM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 107.30 Gb Free Space | 77.20% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}" = Vodafone Mobile Connect Lite
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audiograbber" = Audiograbber 1.83 SE 
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BabylonToolbar" = Babylon toolbar
"Free FLV Converter_is1" = Free FLV Converter V 6.96.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"Mp3tag" = Mp3tag v2.48
"Nokia Ovi Suite" = Nokia Ovi Suite
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"Winamp" = Winamp
"Winamp Offizielle Deutsche Sprachdatei Plus" = Winamp Offizielle Deutsche Sprachdatei Plus v5.60.1
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 5/7/2011 7:37:37 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4181
 
Error - 5/7/2011 7:37:37 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4181
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5460
 
Error - 5/7/2011 7:37:38 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5460
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6568
 
Error - 5/7/2011 7:37:40 PM | Computer Name = Baileys-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6568
 
Error - 5/7/2011 8:07:36 PM | Computer Name = Baileys-PC | Source = VMCService | ID = 0
Description = GetProcessOwner
 
Error - 5/7/2011 8:15:00 PM | Computer Name = Baileys-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 3/7/2011 5:39:55 AM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/7/2011 5:09:59 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/7/2011 10:36:39 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/7/2011 11:18:32 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/8/2011 5:53:48 AM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/8/2011 12:36:19 PM | Computer Name = Baileys-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   tcpipBM
 
Error - 3/11/2011 11:00:58 AM | Computer Name = Baileys-PC | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle 
Auftragsanzahl für den Baileys-PC\Baileys-Benutzer ("60") ist gleich oder größer
 als das durch die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können
 das Problem beheben, indem Sie die BITS-Aufträge beenden oder abbrechen, für die
 kein Fortschritt festgestellt wurde, indem Sie sich den Fehler ansehen, und den
 BITS-Dienst anschließend neu starten. Falls der Fehler weiterhin angezeigt wird,
 bitten Sie den Administrator, die durch die Gruppenrichtlinie angegebenen Auftragslimits
 pro Benutzer und pro Computer zu erhöhen.
 
Error - 3/29/2011 4:15:00 PM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?29.?03.?2011 um 13:23:05 unerwartet heruntergefahren.
 
Error - 4/1/2011 10:44:40 AM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?04.?2011 um 12:46:57 unerwartet heruntergefahren.
 
Error - 4/7/2011 5:19:41 AM | Computer Name = Baileys-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?07.?04.?2011 um 03:28:55 unerwartet heruntergefahren.
 
 
< End of report >
         

Geändert von Baileys (11.05.2011 um 03:26 Uhr) Grund: logs hinzugefügt

 

Themen zu TR/Kazy.mekml.1 - was tun?
antivir, audiograbber, autorun, avgntflt.sys, avira, babylon toolbar, babylontoolbar, bho, bonjour, desktop, error, fehler, firefox, flash player, gruppe, home, install.exe, installation, launch, location, logfile, microsoft office starter 2010, mozilla, mozilla thunderbird, mp3, object, oldtimer, plug-in, problem, realtek, registry, richtlinie, rogue.installer.gen, rundll, scan, sched.exe, searchplugins, security, shell32.dll, software, start menu, sweetim, taskhost.exe, trojan.agent.u, vodafone, was tun, webcheck, windows, windows live mesh




Ähnliche Themen: TR/Kazy.mekml.1 - was tun?


  1. TR/Kazy.mekml.1 ; 'TR/FakeSysdef.A.621 ; 'TR/Kazy.22847'..
    Log-Analyse und Auswertung - 15.05.2011 (33)
  2. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 06.05.2011 (1)
  3. Tr/kazy.mekml.1
    Log-Analyse und Auswertung - 03.05.2011 (13)
  4. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 02.05.2011 (2)
  5. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 01.05.2011 (37)
  6. TR/Kazy.mekml.1 - OTL Fix?
    Log-Analyse und Auswertung - 01.05.2011 (17)
  7. TR/Kazy.mekml.1 ... SOS
    Plagegeister aller Art und deren Bekämpfung - 30.04.2011 (34)
  8. TR/kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 29.04.2011 (10)
  9. TR/kazy.mekml.1
    Mülltonne - 26.04.2011 (0)
  10. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 26.04.2011 (1)
  11. Osterei: TR/Kazy.mekml.1 und TR/Kazy.20364
    Log-Analyse und Auswertung - 25.04.2011 (1)
  12. tr/kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 23.04.2011 (9)
  13. kazy.mekml.1
    Log-Analyse und Auswertung - 23.04.2011 (3)
  14. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 22.04.2011 (6)
  15. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 22.04.2011 (11)
  16. TR/kazy.mekml.1
    Log-Analyse und Auswertung - 20.04.2011 (16)
  17. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 18.04.2011 (4)

Zum Thema TR/Kazy.mekml.1 - was tun? - Hallo zusammen, ich bin neu hier und würde mich über eure Hilfe sehr freuen. Leider habe ich nicht sehr viel Ahnung. Habe aber schon ein bisschen gelesen und hoffe euch - TR/Kazy.mekml.1 - was tun?...

Alle Zeitangaben in WEZ +1. Es ist jetzt 00:58 Uhr.


Copyright ©2000-2025, Trojaner-Board
Archiv
Du betrachtest: TR/Kazy.mekml.1 - was tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.