Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: Trojaner TR/Kazy.mekml.1 entfernen ( doppelt )

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 27.04.2011, 09:31   #1
Merlson
 
Trojaner TR/Kazy.mekml.1 entfernen ( doppelt ) - Standard

Trojaner TR/Kazy.mekml.1 entfernen ( doppelt )



Habe schon in anderen Posts gelesen was der erste Schritt bei diesem Virus ist und haben diesen schonmal ausgeführt

Extras.Txt:OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 27.04.2011 08:01:00 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Ees\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,69 Gb Total Space | 73,85 Gb Free Space | 52,87% Space Free | Partition Type: NTFS
Drive D: | 7,80 Gb Total Space | 0,70 Gb Free Space | 8,98% Space Free | Partition Type: NTFS
Drive E: | 1,55 Gb Total Space | 1,32 Gb Free Space | 84,88% Space Free | Partition Type: NTFS
 
Computer Name: MERLE-PC | User Name: Ees | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" = 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{64C73BD6-6754-4293-93AF-1BB3AA00EAAB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D0CA8247-8F66-4634-89E0-55DAC585E852}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015DA139-6659-4FFA-A2BE-A09C99FDDD09}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{0DEF7641-759C-4492-95C7-07B6628791EB}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe | 
"{1BBC5B12-0BA5-40D9-B269-4AC6B695BB1C}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{22BF5A8B-2CEE-4461-8A5E-2BDC5B64D695}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{267662CC-100E-4B44-8DDF-7E0B53506099}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{2E67F1F9-874B-4768-BA39-8D15F483F6F9}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{3CE1A116-B67F-42A9-A232-6CAF0BFADF76}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{4050DC66-9FA4-49AF-BBE0-EAFA0D7D9A56}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe | 
"{46CE7E80-2286-45C1-A766-A91B966FAB09}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{4983CFAD-B53C-4D38-938D-B4D2AFC77AE0}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{5BE688F1-D831-4C05-AB91-860890461DC5}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{6A057B46-8D4E-4C00-A17B-D860073E7BEA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{6C5ACBB4-E2EB-4C01-B026-A879C36F21AF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{70709836-0C41-4FB4-B582-4A89235CFF45}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{7C2E0876-1A19-4DF6-8FFE-D8011E6D284B}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{85F089DB-FF7E-406E-81DA-4A7E35ACD24A}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{8E6D57F9-7A76-451B-AA05-E3D48B384A9D}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{EB0B76F4-ED19-44B4-870C-DCEC5D5579A0}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"TCP Query User{27D34C01-E32B-4A03-9A3D-EF10B1B570C0}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{2A60CFDC-8A98-402F-A632-769FA6194417}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe | 
"TCP Query User{3DCDCAAD-5664-4FDF-A3FB-AEA40C72380C}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\german\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\german\setup.exe | 
"TCP Query User{3F8B84DC-1F7E-4322-95AF-2B740CC77CD2}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"TCP Query User{44580C5D-F2A7-464C-B1CB-228019E438EC}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"TCP Query User{45DBC807-3B97-42A3-A5B5-FBA66110D698}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{51FA4EE5-6F85-4066-871D-5EC4890E72D1}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"TCP Query User{5D03C8D0-00B0-41FF-8BD5-BB27A8E64475}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | 
"TCP Query User{6BC9220D-30EF-434F-B074-CE3D66E1ECB4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{7A36D7CC-D170-4800-A14C-D8F5CD1B8CEF}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{7AF5932A-D0BF-42B9-8FAC-49C4830B2794}C:\program files\charles\charles.exe" = protocol=6 | dir=in | app=c:\program files\charles\charles.exe | 
"TCP Query User{7D831E99-FED7-47B8-8524-0DAD09E5B583}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{8C5D91D1-A9DF-4047-AEA9-A9828E0318E5}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"TCP Query User{9772A493-EAA8-46F5-A861-7519EF41163D}C:\program files\freetvradio\freetvradio.exe" = protocol=6 | dir=in | app=c:\program files\freetvradio\freetvradio.exe | 
"TCP Query User{B3DC33CF-F99F-497E-89C8-B6907A6F50F3}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=6 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe | 
"TCP Query User{BFAD110E-F03F-4CED-BD34-257935B39599}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{E1FBBF56-1754-47D4-890B-7B1724C5D667}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{FA8AA0FE-652E-4AC8-9107-AB39B6C1082F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{0C35CF66-5C48-46C7-88C6-CB18F44F19FF}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\german\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 7.0.1.325\german\setup.exe | 
"UDP Query User{0F01AEB5-0D00-4A4E-9E2F-054D53B7FCBE}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{111FE701-6DA2-427D-B5AE-868A3FA712A3}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{1919F3B3-B92F-4F6C-BADE-B0403DEBE9B4}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"UDP Query User{1FD34F00-F2AC-4D5D-BC94-490B80531582}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe | 
"UDP Query User{2599FEF8-A41F-4E8A-BF8E-BAB3C48EFE68}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"UDP Query User{370B49F9-1F54-4B21-A09D-7CCFDE6B71DB}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe | 
"UDP Query User{3F46DE2E-06D2-4CA7-B8F4-B2366E190383}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"UDP Query User{91981058-E6B5-47E0-B7BC-BE5DEE2F450E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{9BCAF312-5233-4908-A8A5-EE28C10E9059}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{ADFC1B64-5C16-429D-AE16-51C5110872A8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{B921647C-A6DA-40CD-A41D-D61DCF074733}C:\program files\charles\charles.exe" = protocol=17 | dir=in | app=c:\program files\charles\charles.exe | 
"UDP Query User{B9F2527D-3430-4355-98C4-E03EAA0F6621}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"UDP Query User{C8B4DDEF-90DE-46C9-B7AA-F9CB55315AF2}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{CBFBBB41-302F-4B55-853E-B1ABBC66170B}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{E309984B-9C54-4A30-98D2-AEF696B10C60}C:\program files\lionhead studios ltd\black & white\runblack.exe" = protocol=17 | dir=in | app=c:\program files\lionhead studios ltd\black & white\runblack.exe | 
"UDP Query User{E9B73CA4-F0BA-4544-BA8B-8B4A5D983485}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{EBEE05F1-D1AE-4D42-8FC5-464CBE0D209D}C:\program files\freetvradio\freetvradio.exe" = protocol=17 | dir=in | app=c:\program files\freetvradio\freetvradio.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0627E8E9-6822-4A5E-9225-286741CDC3E4}" = FileViewerUtility 1.0
"{119B7481-0216-40D2-A5CC-C3E1F461ECC1}" = Windows Live Fotogalerie
"{167FE5D9-865C-4050-BF26-DEB1CF078BEA}" = Canon Camera TWAIN Driver
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2D6BDF3A-6BDB-4169-909F-E882F23AB795}" = Camera Window
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}" = Kaspersky Anti-Virus 7.0
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54B1E5A3-1B29-4582-A226-172A1FC7BA6C}" = Windows Live Family Safety
"{5513FFE5-06DA-4D96-9A9D-6D0476605F87}" = Black & White® 2 Demo
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5AEACC26-7AD4-4957-BA81-A2875DB46493}" = Canon Camera TWAIN Driver
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E298B0A-558C-4138-0096-740677B382CD}" = HdR Die Rückkehr des Königs tm
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9942e78b-cdf8-4128-8257-4a27e9ec4373}" = Nero 9 Trial
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A853299-C732-4ABC-AA46-6B8A4424537F}" = PDF-XChange Viewer
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A3E0FF15-90D5-40CD-8565-B80A433B0D4C}" = PhotoStitch
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B08894AF-D523-46B1-9B9B-2DA6B29CDD23}" = RemoteCapture 2.6
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}" = Pivot Stickfigure Animator
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{E3B99F3D-9856-482A-9048-305E28E2510C}" = Vodafone Mobile Connect
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{ECCA3728-2753-4C3A-8608-5A41C4AEBDB7}" = Sony Vegas Pro 8.0
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}" = Driver Mender
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Alawar.com Toolbar" = Alawar.com Toolbar
"Alive Video Converter_is1" = Alive Video Converter (version 3.2.0.8)
"Ask Toolbar_is1" = Ask Toolbar
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.8 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Car 1.00" = Car 1.00
"Charles_XK72" = Charles
"DJ Mix Pro" = DJ Mix Pro
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"File Recover_is1" = File Recover 7.5
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"GhostMouse 2.0" = GhostMouse 2.0
"Google Updater" = Google Updater
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HyperCam 2" = HyperCam 2
"ICQToolbar" = ICQ Toolbar
"InfraRecorder" = InfraRecorder
"InstallShield_{0627E8E9-6822-4A5E-9225-286741CDC3E4}" = Canon Utilities FileViewerUtility 1.0
"InstallShield_{167FE5D9-865C-4050-BF26-DEB1CF078BEA}" = Canon IXY 320, PowerShot S230, IXUS v3 TWAIN-Treiber
"InstallShield_{2D6BDF3A-6BDB-4169-909F-E882F23AB795}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{5AEACC26-7AD4-4957-BA81-A2875DB46493}" = Canon PowerShot G3 TWAIN-Treiber
"InstallShield_{A3E0FF15-90D5-40CD-8565-B80A433B0D4C}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B08894AF-D523-46B1-9B9B-2DA6B29CDD23}" = Canon Utilities RemoteCapture 2.6
"InstallWIX_{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}" = Kaspersky Anti-Virus 7.0
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.7.5
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"My Video Downloader2.0.1.1" = My Video Downloader
"Nokia PC Suite" = Nokia PC Suite
"NSS" = Norton Security Scan
"Orbit_is1" = Orbit Downloader
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Identity Protect" = Panda Identity Protect 3.0.44
"Panda Security URL Filtering" = Panda Security URL Filtering
"pandasecuritytb" = Panda Security Toolbar
"PartyPoker" = PartyPoker
"PhotoRecord" = Canon PhotoRecord
"PhotoScape" = PhotoScape
"PROSet" = Intel(R) PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer
"SearchAnonymizer" = SearchAnonymizer
"Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tomb Raider: Anniversary Demo" = Tomb Raider: Anniversary Demo 1.0
"TrueCrypt" = TrueCrypt
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.9
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

Habe jetzt auchb Malwarebytes durchlaufen lassen und folgendes bekommen:


Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6455

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

27.04.2011 11:07:33
mbam-log-2011-04-27 (11-07-33).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 175315
Laufzeit: 11 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Windows\Tasks\{8c3fdd81-7ae0-4605-a46a-2488b179f2a3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Alt 06.05.2011, 12:48   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojaner TR/Kazy.mekml.1 entfernen ( doppelt ) - Standard

Trojaner TR/Kazy.mekml.1 entfernen ( doppelt )



http://www.trojaner-board.de/98271-t...-probleme.html
__________________

__________________

 

Themen zu Trojaner TR/Kazy.mekml.1 entfernen ( doppelt )
audacity, avira, black, cloud, converter, downloader, entfernen, error, firefox, flash player, format, google, google earth, home, install.exe, jdownloader, location, logfile, mozilla, mp3, oldtimer, recover, registry, rundll, saver, scan, security, server, shell32.dll, softonic, software, svchost.exe, tcp, trojaner, udp, video converter, virus, vista, vodafone



Ähnliche Themen: Trojaner TR/Kazy.mekml.1 entfernen ( doppelt )


  1. Trojaner TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 20.05.2011 (20)
  2. Trojaner TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 12.05.2011 (57)
  3. AW: Trojaner TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 10.05.2011 (1)
  4. Trojaner/Kazy.mekml.1
    Log-Analyse und Auswertung - 05.05.2011 (28)
  5. Trojaner kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 30.04.2011 (22)
  6. Trojaner TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 29.04.2011 (12)
  7. Trojaner TR/Kazy.mekml.1
    Diskussionsforum - 27.04.2011 (1)
  8. Trojaner Kazy.mekml.1
    Mülltonne - 27.04.2011 (1)
  9. Trojaner TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 27.04.2011 (23)
  10. Der Kazy.mekml.1 Trojaner
    Plagegeister aller Art und deren Bekämpfung - 26.04.2011 (3)
  11. Trojaner TR/Kazy.mekml.1
    Mülltonne - 25.04.2011 (1)
  12. TR/kazy.mekml.1 spätfolgen entfernen
    Plagegeister aller Art und deren Bekämpfung - 25.04.2011 (1)
  13. Trojaner Kazy.mekml.1
    Log-Analyse und Auswertung - 25.04.2011 (1)
  14. Trojaner TR Kazy.mekml.1
    Log-Analyse und Auswertung - 23.04.2011 (1)
  15. Hilfe! Trojaner kazy.mekml.1!
    Log-Analyse und Auswertung - 22.04.2011 (1)
  16. Trojaner Kazy.mekml
    Log-Analyse und Auswertung - 21.04.2011 (13)
  17. Trojaner Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 20.04.2011 (28)

Zum Thema Trojaner TR/Kazy.mekml.1 entfernen ( doppelt ) - Habe schon in anderen Posts gelesen was der erste Schritt bei diesem Virus ist und haben diesen schonmal ausgeführt Extras.Txt:OTL EXTRAS Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL Extras logfile - Trojaner TR/Kazy.mekml.1 entfernen ( doppelt )...
Archiv
Du betrachtest: Trojaner TR/Kazy.mekml.1 entfernen ( doppelt ) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.