
Pests of all kinds and how to combat them: sdra64.exe is constantly being found by Malwarebytes

08.05.2010, 23:58   #1
bluesrock
 
Hello,
I have already seen that you know a great deal about viruses, malware and that kind of junk.
I normally have hardly any problems with such things and was always quite happy surfing the net, but by now I am nearly going crazy.
I also don't want to bother you any further with my backstory.

When I start my computer, Malwarebytes also starts after a few minutes and keeps finding this sdra64.exe.
I have already tried to remove the thing with Malwarebytes, Spyware Terminator, Ad-Aware, Spybot and Wise Reg Cleaner, and whenever I want to look for this file it is gone; apparently Malwarebytes removes it every time I click continue.

Can someone please help me?

Regards, medim

09.05.2010, 01:21   #2
bluesrock
 

Maybe this helps? I made it with OTL.

OTL Logfile:
Code:
OTL logfile created on: 09.05.2010 01:19:14 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Dokumente und Einstellungen\mcausevic\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,81 Gb Total Space | 3,93 Gb Free Space | 13,17% Space Free | Partition Type: NTFS
Drive D: | 55,89 Gb Total Space | 55,83 Gb Free Space | 99,88% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive W: | 65,06 Gb Total Space | 50,39 Gb Free Space | 77,45% Space Free | Partition Type: NTFS
Drive X: | 58,59 Gb Total Space | 56,51 Gb Free Space | 96,44% Space Free | Partition Type: NTFS
Drive Y: | 76,27 Gb Total Space | 46,62 Gb Free Space | 61,13% Space Free | Partition Type: NTFS
Drive Z: | 68,36 Gb Total Space | 16,23 Gb Free Space | 23,74% Space Free | Partition Type: NTFS
 
Computer Name: MANHATTE-837ECB
Current User Name: mcausevic
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\mcausevic\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - Y:\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
PRC - C:\Programme\Spyware Terminator\SpywareTerminatorShield.Exe (Crawler.com)
PRC - C:\Programme\Spyware Terminator\sp_rsser.exe (Crawler.com)
PRC - C:\Programme\Crawler\CToolbar.exe (Crawler.com)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm     .exe (Macrovision Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\mcausevic\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (Radio.fx) -- Y:\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (sp_rssrv) -- C:\Programme\Spyware Terminator\sp_rsser.exe (Crawler.com)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sp_rsdrv2) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys ()
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (mod7700) -- C:\WINDOWS\system32\drivers\dvb7700all.sys (DiBcom)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (monfilt) -- C:\WINDOWS\system32\drivers\monfilt.sys (Creative Technology Ltd.)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (ASPI) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60076
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2303923
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Schnell Sucher"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.mg40.mail.yahoo.com/dc/launch?.gx=1&.rand=241ck2nnngb8p"
FF - prefs.js..extensions.enabledItems: {38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}:1.0.3.84
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q="
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Programme\Crawler\firefox\ [2010.05.02 20:46:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.29 14:54:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.04.03 13:40:28 | 000,000,000 | ---D | M]
 
[2010.03.04 17:07:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Extensions
[2010.03.04 17:07:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2010.05.09 00:58:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Firefox\Profiles\a3dxxaek.default\extensions
[2010.04.27 09:22:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Firefox\Profiles\a3dxxaek.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.10.18 19:28:35 | 000,000,000 | ---D | M] () -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Firefox\Profiles\a3dxxaek.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}
[2010.03.30 14:22:43 | 000,000,000 | ---D | M] (FoxTab) -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Firefox\Profiles\a3dxxaek.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.04.27 09:22:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Firefox\Profiles\a3dxxaek.default\extensions\personas@christopher.beard
[2009.04.21 08:38:08 | 000,000,682 | ---- | M] () -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Firefox\Profiles\a3dxxaek.default\searchplugins\ask.xml
[2009.11.15 06:43:46 | 000,000,509 | ---- | M] () -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Mozilla\Firefox\Profiles\a3dxxaek.default\searchplugins\Schnell Sucher.xml
[2010.05.09 00:48:12 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2008.09.04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npbittorrent.dll
[2009.09.21 12:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Programme\Mozilla Firefox\plugins\NpFv522.dll
[2010.03.12 23:59:59 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.03.12 23:59:59 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.12 23:59:59 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.12 23:59:59 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.12 23:59:59 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISUSPM] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm     .exe (Macrovision Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\programme\quicktime\qttask     .exe (Apple Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [TrojanScanner] C:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - Reg Error: Value error. File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\System32\sdra64.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.20 12:31:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.09.26 09:31:54 | 000,000,000 | ---D | M] - W:\Auto musik -- [ NTFS ]
O33 - MountPoints2\{0ac232ea-2d9a-11de-99cd-00248c60adc6}\Shell - "" = AutoRun
O33 - MountPoints2\{0ac232ea-2d9a-11de-99cd-00248c60adc6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0ac232ea-2d9a-11de-99cd-00248c60adc6}\Shell\AutoRun\command - "" = G:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{19521fa0-279f-11df-9cd3-00248c60adc6}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{2961688a-d75c-11de-9b97-cc4a1ca861d4}\Shell - "" = AutoRun
O33 - MountPoints2\{2961688a-d75c-11de-9b97-cc4a1ca861d4}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2961688a-d75c-11de-9b97-cc4a1ca861d4}\Shell\AutoRun\command - "" = D:\StartVMCLite.exe -- File not found
O33 - MountPoints2\{8f8a2302-22db-11df-9ccc-00248c60adc6}\Shell - "" = AutoRun
O33 - MountPoints2\{8f8a2302-22db-11df-9ccc-00248c60adc6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{8f8a2302-22db-11df-9ccc-00248c60adc6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e2a9b18f-fc06-11de-9c3d-00248c60adc6}\Shell - "" = AutoRun
O33 - MountPoints2\{e2a9b18f-fc06-11de-9c3d-00248c60adc6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e2a9b18f-fc06-11de-9c3d-00248c60adc6}\Shell\AutoRun\command - "" = D:\USBAutoRun.exe -- File not found
O33 - MountPoints2\{e42716d0-d6e7-11de-9b94-f2cf9451125e}\Shell - "" = AutoRun
O33 - MountPoints2\{e42716d0-d6e7-11de-9b94-f2cf9451125e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e42716d0-d6e7-11de-9b94-f2cf9451125e}\Shell\AutoRun\command - "" = E:\StartVMCLite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.08 08:00:13 | 000,000,000 | ---D | C] -- C:\Programme\Wise Registry Cleaner
[2010.05.08 07:56:36 | 000,000,000 | ---D | C] -- C:\Programme\RegCleaner
[2010.05.08 07:54:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVS4YOU
[2010.05.08 07:54:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\AVS4YOU
[2010.05.08 07:53:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\AVSMedia
[2010.05.08 07:53:43 | 000,000,000 | ---D | C] -- C:\Programme\AVS4YOU
[2010.05.04 21:11:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
[2010.05.04 21:11:28 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\lowsec
[2010.05.02 20:46:17 | 000,000,000 | ---D | C] -- C:\Programme\Crawler
[2010.05.01 08:54:18 | 000,000,000 | ---D | C] -- C:\opensim
[2010.05.01 08:09:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Spyware Terminator
[2010.05.01 08:09:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spyware Terminator
[2010.05.01 08:09:06 | 000,000,000 | ---D | C] -- C:\Programme\Spyware Terminator
[2010.04.29 14:32:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.04.29 14:31:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2010.04.29 14:31:48 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover
[2010.04.29 14:31:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Eigene Dateien\Simply Super Software
[2010.04.29 14:31:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Simply Super Software
[2010.04.29 14:31:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software
[2010.04.29 14:29:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Malwarebytes
[2010.04.29 14:29:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 14:29:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.29 14:29:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.04.29 14:29:34 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.04.27 10:04:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.04.27 10:04:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2010.04.27 09:58:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\Windows Server
[2010.04.22 23:01:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallShield
[2010.04.22 23:01:02 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\mcausevic\Recent
[2010.04.22 22:08:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\Imprudence
[2010.04.22 21:43:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\Hippo_OpenSim_Viewer
[2010.04.19 21:27:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Desktop\Neuer Ordner (5)
[2010.04.12 09:39:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\LocalLow
[2010.04.12 09:39:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\LocalLow
[2010.04.11 23:41:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Eigene Dateien\TubeBox!
[2010.04.11 23:41:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Anwendungsdaten\TubeBox
[2010.04.11 18:36:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\Emerald
[2010.04.11 18:35:25 | 000,000,000 | ---D | C] -- C:\Programme\Emerald Viewer
[2010.04.10 21:01:55 | 000,000,000 | ---D | C] -- C:\Programme\SpacialAudio
[2010.04.09 23:12:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mcausevic\Desktop\Konvertierte musik
[2010.04.09 22:58:39 | 000,016,512 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2010.04.09 22:58:34 | 000,000,000 | ---D | C] -- C:\Programme\Alt WAV MP3 WMA OGG Converter
[2009.11.21 14:49:40 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2007.03.12 12:41:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005.11.23 13:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.09 01:17:14 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.09 00:31:10 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.05.09 00:29:15 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.09 00:29:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.09 00:29:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.08 11:44:55 | 000,000,805 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Emerald Viewer.lnk
[2010.05.08 08:27:23 | 006,029,312 | ---- | M] () -- C:\Dokumente und Einstellungen\mcausevic\ntuser.dat
[2010.05.08 08:27:23 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\mcausevic\ntuser.ini
[2010.05.08 08:14:11 | 001,412,808 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.08 08:13:05 | 004,841,268 | -H-- | M] () -- C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.05.08 08:00:15 | 000,001,678 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Clear with 1 click.lnk
[2010.05.08 08:00:15 | 000,000,800 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Wise Registry Cleaner.lnk
[2010.05.06 23:11:45 | 000,091,648 | ---- | M] () -- C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.06 21:17:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.04 22:03:40 | 000,000,665 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Radio.fx.LNK
[2010.05.01 08:50:18 | 023,148,303 | R--- | M] () -- C:\osgrid.opensim-04302010.v0.6.9.post-fixes.0a9c98e.zip
[2010.05.01 08:09:31 | 000,000,769 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spyware Terminator.lnk
[2010.05.01 08:09:15 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.29 14:29:40 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.29 14:28:57 | 001,042,118 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.29 14:28:57 | 000,448,800 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.04.29 14:28:57 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.29 14:28:57 | 000,080,108 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.04.29 14:28:57 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.29 14:16:04 | 000,001,029 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.04.27 10:31:36 | 000,050,990 | ---- | M] () -- C:\WINDOWS\System32\ibembzmjtteffzyz.exe
[2010.04.23 13:55:56 | 000,390,656 | ---- | M] () -- C:\WINDOWS\System32\ifdtxgbqnhf.dll.vir
[2010.04.22 21:42:55 | 000,000,840 | ---- | M] () -- C:\Dokumente und Einstellungen\mcausevic\Desktop\Hippo OpenSim.lnk
[2010.04.20 21:19:35 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.04.16 17:27:44 | 000,000,780 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.15 18:13:19 | 000,000,624 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\eMule.lnk
[2010.04.15 13:07:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.04.10 21:21:37 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.04.10 21:21:36 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010.04.09 23:10:02 | 007,632,896 | ---- | M] () -- C:\Dokumente und Einstellungen\mcausevic\Desktop\18-billy_ocean-nights_feel_like_gettin_down_(live_-_previously_unreleased)-tn1.mp3
[2010.04.09 22:58:39 | 000,001,729 | ---- | M] () -- C:\Dokumente und Einstellungen\mcausevic\Desktop\Alt WAV MP3 WMA OGG Converter.lnk
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.05.08 08:00:15 | 000,001,678 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Clear with 1 click.lnk
[2010.05.08 08:00:15 | 000,000,800 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Wise Registry Cleaner.lnk
[2010.05.04 22:03:40 | 000,000,665 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Radio.fx.LNK
[2010.05.01 08:50:18 | 023,148,303 | R--- | C] () -- C:\osgrid.opensim-04302010.v0.6.9.post-fixes.0a9c98e.zip
[2010.05.01 08:09:31 | 000,000,769 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spyware Terminator.lnk
[2010.05.01 08:09:15 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010.04.29 14:31:51 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2010.04.29 14:31:51 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2010.04.29 14:31:51 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2010.04.29 14:31:51 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2010.04.29 14:29:40 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.27 09:59:25 | 000,050,990 | ---- | C] () -- C:\WINDOWS\System32\ibembzmjtteffzyz.exe
[2010.04.20 21:19:35 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.04.15 18:13:19 | 000,000,624 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\eMule.lnk
[2010.04.15 12:58:44 | 000,390,656 | ---- | C] () -- C:\WINDOWS\System32\ifdtxgbqnhf.dll.vir
[2010.04.11 18:36:52 | 000,000,805 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Emerald Viewer.lnk
[2010.04.09 23:09:55 | 007,632,896 | ---- | C] () -- C:\Dokumente und Einstellungen\mcausevic\Desktop\18-billy_ocean-nights_feel_like_gettin_down_(live_-_previously_unreleased)-tn1.mp3
[2010.04.09 22:58:39 | 000,001,729 | ---- | C] () -- C:\Dokumente und Einstellungen\mcausevic\Desktop\Alt WAV MP3 WMA OGG Converter.lnk
[2010.03.21 16:15:55 | 000,554,496 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll
[2010.03.16 15:56:59 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.03.15 21:55:49 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.02.12 01:00:35 | 000,001,029 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.01.13 01:24:59 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010.01.08 05:35:37 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2010.01.08 05:35:37 | 000,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2009.08.21 13:13:07 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009.04.20 12:40:29 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4935.dll
[2009.04.20 12:36:44 | 000,019,940 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.04.20 12:36:27 | 000,019,609 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.04.20 12:36:27 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.04.20 12:36:15 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2004.02.27 17:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 119 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:CB0AACC9
@Alternate Data Stream - 109 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
< End of report >
         
--- --- ---







OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 09.05.2010 01:19:14 - Run 1
OTL by OldTimer - Version 3.2.4.1     Folder = C:\Dokumente und Einstellungen\mcausevic\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 38,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,81 Gb Total Space | 3,93 Gb Free Space | 13,17% Space Free | Partition Type: NTFS
Drive D: | 55,89 Gb Total Space | 55,83 Gb Free Space | 99,88% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive W: | 65,06 Gb Total Space | 50,39 Gb Free Space | 77,45% Space Free | Partition Type: NTFS
Drive X: | 58,59 Gb Total Space | 56,51 Gb Free Space | 96,44% Space Free | Partition Type: NTFS
Drive Y: | 76,27 Gb Total Space | 46,62 Gb Free Space | 61,13% Space Free | Partition Type: NTFS
Drive Z: | 68,36 Gb Total Space | 16,23 Gb Free Space | 23,74% Space Free | Partition Type: NTFS
 
Computer Name: MANHATTE-837ECB
Current User Name: mcausevic
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\SecondLifeReleaseCandidate\SLVoice.exe" = C:\Programme\SecondLifeReleaseCandidate\SLVoice.exe:*:Enabled:SLVoice -- ()
"C:\Programme\DNA\btdna.exe" = C:\Programme\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"C:\Programme\SpacialAudio\SAMBC\SAMBC.exe" = C:\Programme\SpacialAudio\SAMBC\SAMBC.exe:*:Enabled:SAMBC -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Programme\Hippo_OpenSim_Viewer\SLVoice.exe" = C:\Programme\Hippo_OpenSim_Viewer\SLVoice.exe:*:Enabled:SLVoice -- ()
"C:\Programme\SecondLifeReleaseCandidate\SecondLifeReleaseCandidate.exe" = C:\Programme\SecondLifeReleaseCandidate\SecondLifeReleaseCandidate.exe:*:Enabled:Second Life -- (Linden Lab)
"C:\Programme\OpenSim\OpenSim.exe" = C:\Programme\OpenSim\OpenSim.exe:*:Enabled:  -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema Basic -- File not found
"C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec Home Cinema Basic (tvtv Setup) -- File not found
"C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe:*:Enabled:TerraTec Home Cinema Basic (Auto Update) -- File not found
"F:\fsetup.exe" = F:\fsetup.exe:*:Enabled:AVM FSetup Application -- File not found
"Y:\Tobit Radio.fx\Server\rfx-server.exe" = Y:\Tobit Radio.fx\Server\rfx-server.exe:*:Enabled:Radio.fx Server -- ()
"Y:\Tobit Radio.fx\Client\rfx-client.exe" = Y:\Tobit Radio.fx\Client\rfx-client.exe:*:Enabled:Radio.fx Client -- (Tobit.Software)
"C:\Programme\SpacialAudio\SAMBC\SAMReporter\SAMReporter.exe" = C:\Programme\SpacialAudio\SAMBC\SAMReporter\SAMReporter.exe:*:Disabled:SAMReporter -- File not found
"C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Temp\{7BA7D570-A676-4137-BC8E-011C9EE60A2A}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe" = C:\Dokumente und Einstellungen\mcausevic\Lokale Einstellungen\Temp\{7BA7D570-A676-4137-BC8E-011C9EE60A2A}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe:*:Enabled:TerraTec Home Cinema (Setup) -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{204D48C5-6231-4955-83EC-623DCB437FD9}_is1" = Emerald Viewer 1.23.5.1634
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{28CC9AFD-689F-F54D-3E1F-B70EE51B02AD}" = SimCity 4 Deluxe
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4a18140c-83ee-4483-9884-c36e79058865}" = Nero 9
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6A152894-9026-4DE0-9A1D-72FC215C1BFD}" = MySQL Server 5.1
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.1 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B95416CC-D7EA-4636-A8FC-600A1880DBC8}" = TubeBox!
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB  (04/16/2009 1.0.0.6)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Alt WAV MP3 WMA OGG Converter 7.3_is1" = Alt WAV MP3 WMA OGG Converter 7.3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FUSSBALL MANAGER 09" = FUSSBALL MANAGER 09
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ibembzmjtteffzyz" = Performance Solution Hotrevenue
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PalTalk8.2" = PaltalkScene
"SecondLifeReleaseCandidate" = SecondLifeReleaseCandidate (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"Tobit Radio.fx Server" = Radio.fx
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Trojan Remover_is1" = Trojan Remover 6.8.1
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.21
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.04.2010 08:38:28 | Computer Name = MANHATTE-837ECB | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung wgj75.exe, Version 6.8.1.2587, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 01.05.2010 02:02:58 | Computer Name = MANHATTE-837ECB | Source = pctsSvc.exe | ID = 0
Description = 
 
Error - 01.05.2010 03:11:41 | Computer Name = MANHATTE-837ECB | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 opensim.exe, P2 0.0.0.0, P3 4bdb4b85, P4 mscorlib,
 P5 2.0.0.0, P6 4a7cd8f7, P7 ad6, P8 581, P9 system.formatexception, P10 NIL.
 
Error - 01.05.2010 03:13:38 | Computer Name = MANHATTE-837ECB | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 opensim.exe, P2 0.0.0.0, P3 4bdb4b85, P4 mscorlib,
 P5 2.0.0.0, P6 4a7cd8f7, P7 ad6, P8 581, P9 system.formatexception, P10 NIL.
 
Error - 01.05.2010 03:14:41 | Computer Name = MANHATTE-837ECB | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 opensim.exe, P2 0.0.0.0, P3 4bdb4b85, P4 mscorlib,
 P5 2.0.0.0, P6 4a7cd8f7, P7 ad6, P8 581, P9 system.formatexception, P10 NIL.
 
Error - 01.05.2010 04:29:38 | Computer Name = MANHATTE-837ECB | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung wmplayer.exe, Version 11.0.5721.5145, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 04.05.2010 16:46:39 | Computer Name = MANHATTE-837ECB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3743, fehlgeschlagenes
 Modul shlwapi.dll, Version 6.0.2900.3676, Fehleradresse 0x0002c428.
 
Error - 05.05.2010 16:51:20 | Computer Name = MANHATTE-837ECB | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung vlc.exe, Version 1.0.5.0, Stillstandmodul 
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 08.05.2010 01:46:06 | Computer Name = MANHATTE-837ECB | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3743, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 08.05.2010 01:50:47 | Computer Name = MANHATTE-837ECB | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3743, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 08.05.2010 06:21:10 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
Error - 08.05.2010 18:29:18 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
Error - 08.05.2010 18:29:18 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
Error - 08.05.2010 18:29:30 | Computer Name = MANHATTE-837ECB | Source = Ftdisk | ID = 262189
Description = Das System konnte den Treiber für das Speicherabbild nicht laden.
 
Error - 08.05.2010 18:29:30 | Computer Name = MANHATTE-837ECB | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 08.05.2010 18:39:18 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
Error - 08.05.2010 18:49:18 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
Error - 08.05.2010 18:59:18 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
Error - 08.05.2010 19:09:18 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
Error - 08.05.2010 19:19:18 | Computer Name = MANHATTE-837ECB | Source = DCOM | ID = 10000
Description = Ein DCOM-Server konnte nicht gestartet werden: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}.
Fehler:
"%2"
aufgetreten
 beim Starten dieses Befehls:  C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
 
[ TuneUp Events ]
Error - 29.04.2010 08:56:12 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-04-29 14:56:12', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','2180',0)
 
Error - 29.04.2010 08:56:42 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-04-29 14:56:42', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','2404',0)
 
Error - 30.04.2010 07:35:53 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-04-30 13:35:53', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','3960',0)
 
Error - 01.05.2010 01:41:58 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-01 07:41:58', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','392',0)
 
Error - 01.05.2010 01:42:39 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-01 07:42:39', '\device\harddiskvolume1\dokumente
 und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','1436',0)
 
Error - 01.05.2010 01:43:19 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-01 07:43:19', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','4040',0)
 
Error - 01.05.2010 01:43:24 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-01 07:43:24', '\device\harddiskvolume1\dokumente
 und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','1040',0)
 
Error - 01.05.2010 01:43:34 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-01 07:43:34', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','4020',0)
 
Error - 02.05.2010 14:42:12 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-02 20:42:12', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','3196',0)
 
Error - 03.05.2010 00:32:44 | Computer Name = MANHATTE-837ECB | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-03 06:32:44', '\device\harddiskvolume1\programme\malwarebytes'
 anti-malware\mbam.exe','3888',0)
 
 
< End of report >
         
--- --- ---
__________________


30.05.2010, 23:40   #3
bluesrock

sdra64.exe is constantly being found by Malwarebytes

Quote:
Quote from bluesrock
Absolutely no answer?
Hello?????? Can nobody help me with this?

Oh, and by the way, I ended up fixing the sdra64 thing myself Oo
But now spam pages keep opening all the time. Can someone maybe give me a tip?