
Pests of all kinds and how to fight them: c:\windows\TEMP31~1.EXE (NTVDM CPU has encountered an illegal instruction)


30.01.2011, 13:28   #1
Keav
 



Hello dear trojaner-board team,

after I downloaded a picture earlier and tried to open it, it disappeared, and since then, every time I start my computer, I get the following error message after a short time:

c:\windows\TEMP31~1.EXE
Die NTVDM-CPU hat einen ungültigen Befehl entdeckt.
CS:06fb IP:fff0 OP:ff ff 05 00 ff Klicken sie auf "Schließen", um die Anwendung zu beenden.

In addition, after I opened the picture, which was never displayed, a Myspace page opened in Internet Explorer.

Since then, every time I open Google Chrome, a message appears saying that it is not set as the default browser, even though I set it again every time.

I am running Windows XP with SP3.

I hope one of you can help me with this, because virus scanners unfortunately find nothing.

Attached are the logfiles from OTL:

Code:
OTL logfile created on: 30.01.2011 13:46:36 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Dokumente und Einstellungen\Master\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 87,89 Gb Total Space | 36,74 Gb Free Space | 41,81% Space Free | Partition Type: NTFS
Drive D: | 14,63 Gb Total Space | 9,14 Gb Free Space | 62,44% Space Free | Partition Type: FAT32
Drive I: | 193,75 Gb Total Space | 46,24 Gb Free Space | 23,87% Space Free | Partition Type: NTFS
Drive K: | 7,39 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: KEAVPC | User Name: Master | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Master\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\nvsvc32.exe ()
PRC - I:\Eigene Dateien\Systemprogramme\Game Booster\gbtray.exe (IObit)
PRC - C:\Dokumente und Einstellungen\Master\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - c:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Logitech\G35\G35.exe (Logitech(c))
PRC - C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
PRC - C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe (Speedbit Ltd.)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
PRC - C:\Programme\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
PRC - C:\Programme\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
PRC - C:\Programme\Windows SteadyState\SCTSvc.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek)
PRC - C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek)
PRC - C:\Stinger Mouse Driver\wh_exec.exe ()
PRC - C:\Programme\RocketDock\RocketDock.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Master\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Stinger Mouse Driver\wh_hook.dll ()
MOD - C:\Programme\RocketDock\RocketDock.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (DAUpdaterSvc) -- i:\Steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe (BioWare)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Hamachi2Svc) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (VideoAcceleratorService) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (RalinkRegistryWriter) -- C:\Programme\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.)
SRV - (Windows SteadyState) -- C:\Programme\Windows SteadyState\SCTSvc.exe (Microsoft Corporation)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (prfldsvc) -- C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (LADF_SBVM) -- C:\WINDOWS\system32\drivers\ladfSBVMi386.sys (Logitech)
DRV - (LADF_DHP2) -- C:\WINDOWS\system32\drivers\ladfDHP2i386.sys (Logitech)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (MotioninJoyXFilter) -- C:\WINDOWS\system32\drivers\MijXfilt.sys (MotioninJoy)
DRV - (xusb21) -- C:\WINDOWS\system32\drivers\xusb21.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (PsSdk41) -- C:\WINDOWS\system32\drivers\pssdk41.sys (microOLAP Technologies LTD)
DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (PSSDK42) -- C:\WINDOWS\system32\drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Scutum50) -- C:\WINDOWS\system32\drivers\Scutum50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (atapi) -- C:\WINDOWS\system32\DRIVERS\atapi.sys ()
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (SaiNtBus) -- C:\WINDOWS\system32\drivers\SaiBus.sys (Saitek)
DRV - (SaiMini) -- C:\WINDOWS\system32\drivers\SaiMini.sys (Saitek)
DRV - (SaiK0728) -- C:\WINDOWS\system32\drivers\SaiK0728.sys (Saitek)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AtcL002) -- C:\WINDOWS\system32\drivers\l251x86.sys (Atheros Communications, Inc.)
DRV - (sea1unic) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM) -- C:\WINDOWS\system32\drivers\sea1unic.sys (MCCI)
DRV - (sea1obex) -- C:\WINDOWS\system32\drivers\sea1obex.sys (MCCI)
DRV - (sea1nd5) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS) -- C:\WINDOWS\system32\drivers\sea1nd5.sys (MCCI)
DRV - (sea1mgmt) Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\sea1mgmt.sys (MCCI)
DRV - (sea1mdm) -- C:\WINDOWS\system32\drivers\sea1mdm.sys (MCCI)
DRV - (sea1mdfl) -- C:\WINDOWS\system32\drivers\sea1mdfl.sys (MCCI)
DRV - (sea1bus) Sony Ericsson Device 0A1 driver (WDM) -- C:\WINDOWS\system32\drivers\sea1bus.sys (MCCI)
DRV - (whfltr2k) -- C:\WINDOWS\system32\drivers\whfltr2k.sys ()
DRV - (Prvflder) -- C:\WINDOWS\system32\drivers\prvflder.sys (Windows (R) 2000 DDK provider)
DRV - (FWLANUSB) -- C:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys ()
DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (a347bus) -- C:\WINDOWS\system32\DRIVERS\a347bus.sys ( )
DRV - (a347scsi) -- C:\WINDOWS\System32\Drivers\a347scsi.sys ( )
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (P1110VID) -- C:\WINDOWS\system32\drivers\P1110Vid.sys (Creative Technology Ltd.)
DRV - (USBIO) USBIO Driver (usbio.sys) -- C:\WINDOWS\system32\drivers\usbio.sys (Thesycon GmbH, Germany)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredimail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "MyStart Suche"
FF - prefs.js..browser.search.selectedEngine: "MyStart Suche"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredimail.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.12
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.8.1
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.14amo
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "hxxp://mystart.incredimail.com/?loc=ff_address_bar_im2_test_v2&search="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.28 21:02:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.28 21:02:35 | 000,000,000 | ---D | M]
 
[2008.10.06 15:49:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Extensions
[2010.12.29 02:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\extensions
[2010.12.29 02:52:56 | 000,000,000 | ---D | M] (Flagfox) -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.12.29 02:52:55 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.12.29 02:52:57 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.12.29 02:52:54 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\extensions\SkipScreen@SkipScreen
[2010.04.28 09:50:25 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\extensions\youtube2mp3@mondayx.de
[2010.12.28 21:40:44 | 000,000,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\searchplugins\icqplugin.xml
[2010.07.26 15:57:17 | 000,002,148 | ---- | M] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Mozilla\Firefox\Profiles\mhsjp6fn.default\searchplugins\MyStart Search.xml
[2010.12.29 02:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.04.24 10:46:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.24 09:54:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.24 17:48:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.04.24 10:45:52 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.09.11 21:58:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2007.03.10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Mozilla Firefox\plugins\npyaxmpb.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2000.09.01 11:40:44 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Logitech G35] C:\Programme\Logitech\G35\G35.exe (Logitech(c))
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [SaiVolume] C:\Programme\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek)
O4 - HKLM..\Run: [WheelMouse] C:\Stinger Mouse Driver\wh_exec.exe ()
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\WINDOWS\nvsvc32.exe ()
O4 - HKCU..\Run: [RocketDock] C:\Programme\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ralink Wireless Utility.lnk = C:\Programme\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192874086703 (WUWebControl Class)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1225824817859 (MUWebControl Class)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://www.lokalisten.de/iup/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} hxxp://www.lokalisten.de/iup/ImageUploader4.cab (Image Uploader Control)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Master\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Master\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.20 10:15:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.02.06 08:22:56 | 000,589,824 | R--- | M] (Massive Entertainment AB) - K:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.01.12 14:33:47 | 000,000,048 | R--- | M] () - K:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009.02.04 13:42:10 | 000,307,120 | R--- | M] () - K:\Autorun.sdf -- [ UDF ]
O33 - MountPoints2\{3e595846-ce99-11dd-b411-00040ec105e9}\Shell - "" = AutoRun
O33 - MountPoints2\{3e595846-ce99-11dd-b411-00040ec105e9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3e595846-ce99-11dd-b411-00040ec105e9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{66dc6fcb-7eed-11dc-9687-a148461924ef}\Shell - "" = AutoRun
O33 - MountPoints2\{66dc6fcb-7eed-11dc-9687-a148461924ef}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{66dc6fcb-7eed-11dc-9687-a148461924ef}\Shell\AutoRun\command - "" = J:\pushinst.exe
O33 - MountPoints2\{687ec732-7ef4-11dc-968b-00040ec6541e}\Shell - "" = AutoRun
O33 - MountPoints2\{687ec732-7ef4-11dc-968b-00040ec6541e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{687ec732-7ef4-11dc-968b-00040ec6541e}\Shell\AutoRun\command - "" = K:\Autorun.exe -- [2009.02.06 08:22:56 | 000,589,824 | R--- | M] (Massive Entertainment AB)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O34 - HKLM BootExecute: (pgdfgsvc C 1) - C:\WINDOWS\System32\pgdfgsvc.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.30 13:45:42 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Master\Desktop\OTL.exe
[2011.01.29 22:10:55 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft XNA
[2011.01.25 19:20:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Clickteam
[2011.01.25 19:20:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Master\Startmenü\Programme\DASH-DA-DASH DX v1.2
[2011.01.19 17:31:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\.minecraft
[2011.01.07 20:32:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Master\Startmenü\Programme\Fraps
[2011.01.07 20:32:16 | 000,000,000 | ---D | C] -- C:\Fraps
[2011.01.04 23:20:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TortoiseSVN
[2011.01.04 23:19:57 | 000,000,000 | ---D | C] -- C:\Programme\TortoiseSVN
[2011.01.04 23:19:57 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\TortoiseOverlays
[2011.01.03 10:49:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2011.01.03 10:43:05 | 000,000,000 | ---D | C] -- I:\Eigene Dateien\BioWare
[2011.01.02 22:31:27 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Master\Recent
[2011.01.01 18:31:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader
[2011.01.01 18:31:12 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2007.10.20 11:21:36 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2007.10.20 11:21:36 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2007.10.20 11:06:09 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2007.10.20 11:06:09 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2004.11.24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.30 13:45:44 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Master\Desktop\OTL.exe
[2011.01.30 13:31:59 | 000,000,028 | ---- | M] () -- C:\WINDOWS\temp3123376123.exe
[2011.01.30 13:27:01 | 000,001,212 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1409082233-839522115-1003UA.job
[2011.01.30 13:19:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.30 13:00:00 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2011.01.30 12:56:14 | 000,451,704 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.01.30 12:56:14 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.30 12:56:14 | 000,081,146 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.01.30 12:56:14 | 000,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.30 12:50:22 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.30 12:50:22 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011.01.30 12:49:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.30 12:49:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.30 12:49:39 | 000,572,397 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2011.01.30 12:35:32 | 000,106,496 | RHS- | M] () -- C:\WINDOWS\nvsvc32.exe
[2011.01.29 14:27:00 | 000,001,160 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1409082233-839522115-1003Core.job
[2011.01.27 17:57:03 | 000,027,648 | ---- | M] () -- I:\Eigene Dateien\Neu Microsoft Word-Dokument.doc
[2011.01.26 12:37:34 | 002,198,408 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.19 20:56:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.01.30 12:45:22 | 000,000,028 | ---- | C] () -- C:\WINDOWS\temp3123376123.exe
[2011.01.30 12:35:32 | 000,106,496 | RHS- | C] () -- C:\WINDOWS\nvsvc32.exe
[2011.01.14 17:20:38 | 000,000,272 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011.01.12 19:58:04 | 000,027,648 | ---- | C] () -- I:\Eigene Dateien\Neu Microsoft Word-Dokument.doc
[2011.01.03 12:13:46 | 000,001,585 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ralink Wireless Utility.lnk
[2010.12.27 12:39:17 | 001,456,640 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\Falk Navi-Manager.msi
[2010.12.27 12:39:02 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\$_hpcst$.hpc
[2010.12.25 00:01:51 | 000,075,096 | ---- | C] () -- C:\WINDOWS\System32\LADFCoinst_i386.dll
[2010.12.08 20:51:20 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\DofusAppId0_3
[2010.11.29 21:25:17 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\DofusAppId0_1
[2010.11.29 17:21:48 | 000,000,205 | ---- | C] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\D2Info0
[2010.11.29 17:21:48 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\DofusAppId0_2
[2010.11.27 12:27:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.09.29 20:28:23 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2010.09.29 20:28:23 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2010.09.29 20:28:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2010.09.19 00:08:03 | 000,189,024 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.09.18 22:06:49 | 000,000,123 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2010.09.13 11:55:54 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\Master\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[2010.08.21 20:57:17 | 000,001,530 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010.08.04 20:18:54 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
[2010.05.13 11:44:34 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.03.19 17:52:18 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2009.12.11 21:26:30 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009.12.03 21:09:57 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2009.10.12 16:42:21 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2009.08.16 20:36:28 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\coodest.dll
[2009.03.29 11:45:45 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2009.03.29 11:44:03 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2009.03.29 11:42:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009.03.29 11:42:40 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008.12.13 20:24:47 | 000,000,395 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2008.10.08 19:45:36 | 000,000,089 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2008.07.22 20:15:41 | 000,003,982 | ---- | C] () -- C:\WINDOWS\kj01d.sys
[2008.07.22 20:12:58 | 000,000,242 | ---- | C] () -- C:\WINDOWS\z56k2.ini
[2008.07.01 19:13:24 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\Eztw32.dll
[2008.06.02 16:24:54 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.05.22 13:12:18 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2008.04.10 16:23:41 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.04.10 16:23:40 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Master\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.08 14:09:25 | 000,000,682 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2008.04.08 14:09:08 | 000,006,377 | ---- | C] () -- C:\WINDOWS\Gwpreset.ini
[2008.01.09 18:43:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\UMXADDIN.INI
[2008.01.09 18:43:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pexplore.ini
[2008.01.09 14:36:17 | 000,000,034 | ---- | C] () -- C:\WINDOWS\if40le.ini
[2008.01.09 14:36:15 | 000,000,043 | ---- | C] () -- C:\WINDOWS\SCNDRVU.INI
[2007.12.24 15:09:58 | 000,002,411 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2007.12.06 19:06:13 | 000,000,063 | ---- | C] () -- C:\WINDOWS\PixieTool.INI
[2007.11.15 15:00:53 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.10.20 13:00:29 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.10.20 11:19:16 | 000,001,376 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.10.20 11:07:13 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.10.20 10:29:29 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.09.17 00:07:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007.01.25 16:45:02 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\whfltr2k.sys
[2005.04.08 03:16:43 | 000,013,960 | -H-- | C] () -- C:\Dokumente und Einstellungen\Master\Anwendungsdaten\Masterlog.dat
[2004.10.03 17:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.08.22 16:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004.08.03 22:59:44 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004.03.18 08:44:29 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2003.05.13 20:41:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\cdlock.dll
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 498 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 127 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D38415F0
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
@Alternate Data Stream - 114 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FA5F15C4
@Alternate Data Stream - 103 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >
         
Code:
OTL Extras logfile created on: 30.01.2011 13:46:36 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Dokumente und Einstellungen\Master\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 87,89 Gb Total Space | 36,74 Gb Free Space | 41,81% Space Free | Partition Type: NTFS
Drive D: | 14,63 Gb Total Space | 9,14 Gb Free Space | 62,44% Space Free | Partition Type: FAT32
Drive I: | 193,75 Gb Total Space | 46,24 Gb Free Space | 23,87% Space Free | Partition Type: NTFS
Drive K: | 7,39 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: KEAVPC | User Name: Master | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\WINWORD.EXE" /n (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58446:TCP" = 58446:TCP:*:Enabled:Pando Media Booster
"58446:UDP" = 58446:UDP:*:Enabled:Pando Media Booster
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"6112:TCP" = 6112:TCP:*:Enabled:WC3
"6112:UDP" = 6112:UDP:*:Enabled:WC3
"12975:TCP" = 12975:TCP:*:Enabled:Hamachi
"32976:TCP" = 32976:TCP:*:Enabled:Hamachi
"443:TCP" = 443:TCP:*:Enabled:Hamachi
"17771:UDP" = 17771:UDP:*:Enabled:Hamachi
"58446:TCP" = 58446:TCP:*:Enabled:Pando Media Booster
"58446:UDP" = 58446:UDP:*:Enabled:Pando Media Booster
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"6904:TCP" = 6904:TCP:*:Enabled:League of Legends Launcher
"6904:UDP" = 6904:UDP:*:Enabled:League of Legends Launcher
"6912:TCP" = 6912:TCP:*:Enabled:League of Legends Launcher
"6912:UDP" = 6912:UDP:*:Enabled:League of Legends Launcher
"6911:TCP" = 6911:TCP:*:Enabled:League of Legends Launcher
"6911:UDP" = 6911:UDP:*:Enabled:League of Legends Launcher
"6914:TCP" = 6914:TCP:*:Enabled:League of Legends Launcher
"6914:UDP" = 6914:UDP:*:Enabled:League of Legends Launcher
"1037:TCP" = 1037:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"I:\Steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe" = I:\Steam\steamapps\common\dragon age ultimate edition\bin_ship\DAUpdaterSvc.Service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\LAN Games\Warsaw\Warsow 0.5\warsow_x86.exe" = F:\LAN Games\Warsaw\Warsow 0.5\warsow_x86.exe:*:Enabled:Warsow
"C:\Programme\Warcraft III\Frozen Throne.exe" = C:\Programme\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne -- (Blizzard Entertainment)
"C:\Programme\Warcraft III\Warcraft III.exe" = C:\Programme\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Programme\Warcraft III\World Editor.exe" = C:\Programme\Warcraft III\World Editor.exe:*:Enabled:Warcraft III Welt-Editor -- (Blizzard Entertainment)
"C:\Dokumente und Einstellungen\Master\Lokale Einstellungen\Apps\2.0\TW1X5RLR.YOP\BQM0QO7T.7J4\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe" = C:\Dokumente und Einstellungen\Master\Lokale Einstellungen\Apps\2.0\TW1X5RLR.YOP\BQM0QO7T.7J4\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)
"C:\Programme\Warcraft III\yawle.exe" = C:\Programme\Warcraft III\yawle.exe:*:Enabled:yawle -- ()
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe" = C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi -- (LogMeIn Inc.)
"C:\BlueByte\Siedler3\s3.exe" = C:\BlueByte\Siedler3\s3.exe:*:Enabled:Siedler3 -- (Blue Byte )
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Shooter\L4D2\left4dead2.exe" = I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Shooter\L4D2\left4dead2.exe:*:Enabled:left4dead2 -- ()
"I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Shooter\Call of Duty 4 - Modern Warfare\iw3mp.exe" = I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Shooter\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp -- ()
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\Company of Heroes\RelicCOH.exe" = I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\Company of Heroes\RelicCOH.exe:*:Enabled:RelicCOH -- (THQ Canada Inc.)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"I:\Eigene Dateien\Spielbetreffend\Emulatoren\Snes\ZSNES 1.42\zsnesw.exe" = I:\Eigene Dateien\Spielbetreffend\Emulatoren\Snes\ZSNES 1.42\zsnesw.exe:*:Enabled:zsnesw -- ()
"C:\Programme\StarCraft II\StarCraft II.exe" = C:\Programme\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\RayV\RayV\RayV.exe" = C:\Programme\RayV\RayV\RayV.exe:*:Enabled:RayV -- (RayV)
"C:\Programme\RayV\RayV\RayV.dll" = C:\Programme\RayV\RayV\RayV.dll:*:Enabled:RayV -- (RayV)
"I:\Eigene Dateien\Spielbetreffend\Spiele\Minecraft\Minecraft Classic\McLawl\MCLawl.exe" = I:\Eigene Dateien\Spielbetreffend\Spiele\Minecraft\Minecraft Classic\McLawl\MCLawl.exe:*:Enabled:MCLawl -- ()
"C:\Python26\python.exe" = C:\Python26\python.exe:*:Enabled:python -- ()
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Garena\Garena.exe" = C:\Programme\Garena\Garena.exe:*:Enabled:Garena -- (Garena Online PTE LTD)
"I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\WIC\wic.exe" = I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\WIC\wic.exe:*:Enabled:WORLD IN CONFLICT -- (Massive Entertainment)
"I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\WIC\wic_online.exe" = I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\WIC\wic_online.exe:*:Enabled:WORLD IN CONFLICT - Nur Online -- (Massive Entertainment)
"I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\WIC\wic_ds.exe" = I:\Eigene Dateien\Spielbetreffend\Spiele\LAN Games\Taktik\WIC\wic_ds.exe:*:Enabled:WORLD IN CONFLICT - Dedizierter Server -- ()
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"I:\Steam\steam.exe" = I:\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"I:\Steam\steamapps\common\alien swarm\swarm.exe" = I:\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:swarm -- ()
"I:\Steam\steamapps\keavka\team fortress 2\hl2.exe" = I:\Steam\steamapps\keavka\team fortress 2\hl2.exe:*:Enabled:hl2 -- ()
"I:\Steam\steamapps\common\dragon age ultimate edition\DAOriginsLauncher.exe" = I:\Steam\steamapps\common\dragon age ultimate edition\DAOriginsLauncher.exe:*:Enabled:Dragon Age: Origins - Ultimate Edition -- (BioWare)
"I:\Steam\steamapps\common\dragon age ultimate edition\docs\EA Help\Electronic_Arts_Technical_Support.htm" = I:\Steam\steamapps\common\dragon age ultimate edition\docs\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Dragon Age: Origins - Ultimate Edition -- ()
"I:\Steam\steamapps\common\dragon age ultimate edition\bin_ship\DAOrigins.exe" = I:\Steam\steamapps\common\dragon age ultimate edition\bin_ship\DAOrigins.exe:*:Enabled:Dragon Age: Origins -- (BioWare)
"I:\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE.exe" = I:\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE.exe:*:Enabled:Serious Sam HD: The Second Encounter -- ()
"I:\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE_Unrestricted.exe" = I:\Steam\steamapps\common\serious sam hd the second encounter\Bin\SamHD_TSE_Unrestricted.exe:*:Enabled:Serious Sam HD: The Second Encounter -- ()
"I:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe" = I:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- ()
"I:\Steam\steamapps\keavka\day of defeat source\hl2.exe" = I:\Steam\steamapps\keavka\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source -- ()
"I:\Steam\steamapps\keavka\garrysmod\hl2.exe" = I:\Steam\steamapps\keavka\garrysmod\hl2.exe:*:Enabled:Garry's Mod -- ()
"I:\Steam\steamapps\common\magicka\Magicka.exe" = I:\Steam\steamapps\common\magicka\Magicka.exe:*:Enabled:Magicka -- (Arrowhead Game Studios AB)
"I:\Eigene Dateien\Downloads\facebook-pic0009206951100-JPEG.exe" = c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}" = Java DB 10.5.3.0
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.(R) L2 Fast Ethernet Driver
"{11CB124D-DE58-404E-8695-4BF5262159BB}" = Saitek SD6 Programming Software 6.2.1.3
"{131D33DF-7CD2-47C6-A4F1-B3C1EFEB041B}" = Lyricsnapper
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{15C70064-2463-49dd-9A88-B700F75BB428}" = dj_sf_ProductContext
"{18DC1F9A-15B9-4707-A9CD-C2F66239261E}" = COMPUTERBILD-Abzockschutz
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{26A87AFB-B337-42C2-BEDF-D4A51F1A5F10}" = Falk Navi-Manager
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F467E6E-F7D2-43cc-91B9-4FCC105AE30D}" = D2400
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160070}" = Java(TM) SE Development Kit 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java(TM) SE Development Kit 6 Update 21
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53480370-6CA2-47EC-BC05-02B4B9271C31}" = O&O Defrag Professional Edition
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59279982-86E2-4C2A-8060-A3E77575CD8B}" = Logitech G35
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6151CF20-0BD8-4023-A4A0-6A86DCFE58E5}" = Python 2.6.6
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{644EA08F-87D2-48C0-AE94-B327D1C85A97}" = Microsoft Private Folder 1.0
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{75C22B40-6D12-4439-80DC-CAB3313EADA5}" = dj_sf_software_req
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.8.6
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{87885939-F824-42bf-B790-231B1E8EF2BB}" = dj_sf_software
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9521B818-19CE-4d28-8200-DD26133E19E6}" = D2400_Help
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA1AF34D-9056-4B72-A588-D9A7B8CB305B}" = Saitek Cyborg Keyboard Volume 6.2.1.3
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{ACCEB7C3-4F3A-4C43-93CA-644951D08B0D}" = TortoiseSVN 1.6.12.20536 (32 bit)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B49C924C-A651-4378-94F6-5D9BF44A959F}" = EE-ZDE
"{B571B309-5E65-3DCE-8DE7-205DE2D366C3}" = Microsoft Visual C++ 2008 Express Edition - DEU
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C07B8BC4-AFD9-3AA4-BDF5-330A07591FDE}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{D3880A64-6112-47b7-8BFE-70EEA07B43E0}" = Windows SteadyState
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =             
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT: SOVIET ASSAULT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5936267-D467-4e7b-8940-A7D9F0398EF3}" = HP Deskjet Printer Driver Software 9.0
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative PC-CAM Center" = Creative PC-CAM Center Lite
"Creative PD1110" = Creative WebCam NX Driver (1.02.01.0827)
"Creative WebCam Monitor" = Creative WebCam Monitor
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"DotAzilla" = DotAzilla
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Fraps" = Fraps
"Game Booster_is1" = Game Booster
"Gaming Mouse" = Gaming Mouse
"Garena" = Garena 2010
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HyperCam Toolbar" = HyperCam Toolbar
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual C++ 2008 Express Edition - DEU" = Microsoft Visual C++ 2008 Express Edition - DEU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Neffy" = Neffy 1,3,29,0
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"RayV" = WCG2010EN Player
"RocketDock_is1" = RocketDock 1.3.5
"S3" = Die Siedler III Gold Edition
"Sandboxie" = Sandboxie 3.48
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"StarCraft II" = StarCraft II
"Steam App 300" = Day of Defeat: Source
"Steam App 41010" = Serious Sam HD: The Second Encounter
"Steam App 42910" = Magicka
"Steam App 47810" = Dragon Age: Origins - Ultimate Edition
"Steam App 550" = Left 4 Dead 2
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.1.5
"VST Bridge_is1" = VST Bridge 1.1
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebSpider2" = Xaldon WebSpider2
"WheelMouse" = Stinger Mouse Driver 6.0.0.002
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR
"XP Codec Pack" = XP Codec Pack
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Yawle_0.3b" = YAWLE 0.5b
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"DASH-DA-DASH DX v1.2" = DASH-DA-DASH DX v1.2
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 25.01.2011 08:46:45 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 26.01.2011 16:09:50 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 26.01.2011 16:21:24 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 27.01.2011 10:44:03 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 27.01.2011 16:38:56 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 28.01.2011 05:00:43 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 28.01.2011 08:40:23 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 28.01.2011 16:29:30 | Computer Name = KEAVPC | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung steam.exe, Version 1.0.968.628, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 29.01.2011 08:03:23 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 30.01.2011 05:55:48 | Computer Name = KEAVPC | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
[ System Events ]
Error - 29.01.2011 05:38:01 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
 gestartet.
 
Error - 29.01.2011 05:38:01 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   MFX  PCLEPCI
 
Error - 30.01.2011 05:42:36 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst Windows SteadyState.
 
Error - 30.01.2011 05:42:36 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 30.01.2011 05:44:02 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
 gestartet.
 
Error - 30.01.2011 05:44:02 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   MFX  PCLEPCI
 
Error - 30.01.2011 07:50:41 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst Windows SteadyState.
 
Error - 30.01.2011 07:50:41 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 30.01.2011 07:52:08 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
 gestartet.
 
Error - 30.01.2011 07:52:08 | Computer Name = KEAVPC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   MFX  PCLEPCI
 
[ TuneUp Events ]
Error - 23.12.2010 06:42:15 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-12-23 11:42:15', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbam.exe','2308',0)
 
Error - 30.01.2011 07:57:27 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 12:57:27', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbam.exe','4020',0)
 
Error - 30.01.2011 08:32:34 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:32:34', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbam.exe','5316',0)
 
Error - 30.01.2011 08:47:15 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:47:15', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbam.exe','3716',0)
 
Error - 30.01.2011 08:47:55 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:47:55', '\device\harddiskvolume1\dokumente
 und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','5728',0)
 
Error - 30.01.2011 08:47:55 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:47:55', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbamgui.exe','516',0)
 
Error - 30.01.2011 08:48:11 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:48:11', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbam.exe','1256',0)
 
Error - 30.01.2011 08:48:36 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:48:36', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbam.exe','4712',0)
 
Error - 30.01.2011 08:48:46 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:48:46', '\device\harddiskvolume1\dokumente
 und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','5900',0)
 
Error - 30.01.2011 08:49:11 | Computer Name = KEAVPC | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
 ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2011-01-30 13:49:11', '\device\harddiskvolume2\eigene
 dateien\systemprogramme\antiviren\malwarebytes' anti-malware\mbam.exe','4324',0)
 
 
< End of report >
         
Kind regards,

Keav

Last edited by Keav (30.01.2011 at 13:56)

30.01.2011, 20:55   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Are there any other logs from Malwarebytes? If so, please post all of them. You can find them under the Logs tab in Malwarebytes.