nachdem ich OTLPE gestartet habe, hat er mir diese Logfile gezeigt:
Zitat:
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinRing0_1_2_0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_USERS\Der_Stutz_ON_E\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry key HKEY_USERS\Romilda_ON_E\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Corel File Shell Monitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VeriFaceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
File E:\Program Files\Winamp\winampa.exe not found.
Registry key HKEY_USERS\Der_Stutz_ON_E\Software\Microsoft\Windows\CurrentVersion\Run not found.
File E:\Users\Der Stutz\AppData\Roaming\jashla.exe not found.
Registry key HKEY_USERS\Der_Stutz_ON_E\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\LocalService_ON_E\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
File E:\Windows\System32\mctadmin.exe not found.
Registry key HKEY_USERS\NetworkService_ON_E\Software\Microsoft\Windows\CurrentVersion\RunOnce not found.
File E:\Windows\System32\mctadmin.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File E:\autoexec.bat not found.
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77f5d654-155a-11df-a72f-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77f5d654-155a-11df-a72f-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77f5d654-155a-11df-a72f-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77f5d654-155a-11df-a72f-806e6f6e6963}\ not found.
File E:\Autorun.exe not found.
File E:\Users\Der Stutz\AppData\Roaming\jashla.exe not found.
File E:\ProgramData\~27516664r not found.
File E:\ProgramData\~27516664 not found.
File E:\ProgramData\27516664 not found.
========== FILES ==========
File\Folder E:\Users\Der Stutz\AppData\Roaming\jashla.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
User: Default User
User: Der Stutz
User: Gast
User: Public
User: Romilda
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81900937 bytes
Total Files Cleaned = 78.00 mb
F:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTLPE by OldTimer - Version 3.1.48.0 log created on 10022011_041923
Files\Folders moved on Reboot...
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.
Registry entries deleted on Reboot...
|
02.10.2011, 00:49
Hybrid-Darstellung
