PHP-Code:
All processes killed
========== OTL ==========
Service XDva398 stopped successfully!
Service XDva398 deleted successfully!
File C:\WINDOWS\system32\XDva398.sys File not found not found.
Service XDva397 stopped successfully!
Service XDva397 deleted successfully!
File C:\WINDOWS\system32\XDva397.sys File not found not found.
Service XDva394 stopped successfully!
Service XDva394 deleted successfully!
File C:\WINDOWS\system32\XDva394.sys File not found not found.
Service XDva393 stopped successfully!
Service XDva393 deleted successfully!
File C:\WINDOWS\system32\XDva393.sys File not found not found.
Service XDva392 stopped successfully!
Service XDva392 deleted successfully!
File C:\WINDOWS\system32\XDva392.sys File not found not found.
Service XDva390 stopped successfully!
Service XDva390 deleted successfully!
File C:\WINDOWS\system32\XDva390.sys File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F80C556-9991-42BF-943A-0C69E8A0F976}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F80C556-9991-42BF-943A-0C69E8A0F976}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Google" removed from browser.search.defaultengine
Prefs.js: "Google" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cmaudio deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate not found.
C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fe8a4ae-4607-11e1-b5c0-000b6ad244d8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4fe8a4ae-4607-11e1-b5c0-000b6ad244d8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fe8a4ae-4607-11e1-b5c0-000b6ad244d8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4fe8a4ae-4607-11e1-b5c0-000b6ad244d8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4fe8a4ae-4607-11e1-b5c0-000b6ad244d8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4fe8a4ae-4607-11e1-b5c0-000b6ad244d8}\ not found.
File move failed. G:\setup_vmc_lite.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File move failed. G:\setup_vmc_lite.exe scheduled to be moved on reboot.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET948.tmp deleted successfully.
C:\WINDOWS\System32\SET949.tmp deleted successfully.
C:\WINDOWS\System32\SET94B.tmp deleted successfully.
C:\WINDOWS\System32\SET94C.tmp deleted successfully.
C:\WINDOWS\System32\SET94D.tmp deleted successfully.
C:\WINDOWS\System32\SET94E.tmp deleted successfully.
C:\WINDOWS\System32\SET950.tmp deleted successfully.
C:\WINDOWS\System32\SET953.tmp deleted successfully.
C:\WINDOWS\System32\SET954.tmp deleted successfully.
C:\WINDOWS\System32\SET955.tmp deleted successfully.
C:\WINDOWS\System32\SET958.tmp deleted successfully.
C:\WINDOWS\System32\SET95C.tmp deleted successfully.
C:\WINDOWS\System32\SET95D.tmp deleted successfully.
C:\WINDOWS\System32\SET95F.tmp deleted successfully.
C:\WINDOWS\System32\SET961.tmp deleted successfully.
C:\WINDOWS\System32\SET962.tmp deleted successfully.
C:\WINDOWS\System32\SET963.tmp deleted successfully.
C:\WINDOWS\System32\SET964.tmp deleted successfully.
C:\WINDOWS\System32\SET965.tmp deleted successfully.
C:\WINDOWS\System32\SET966.tmp deleted successfully.
C:\WINDOWS\System32\SET967.tmp deleted successfully.
C:\WINDOWS\System32\SET96B.tmp deleted successfully.
C:\WINDOWS\System32\SET96D.tmp deleted successfully.
C:\WINDOWS\System32\SET96E.tmp deleted successfully.
C:\WINDOWS\System32\SET96F.tmp deleted successfully.
C:\WINDOWS\System32\SET970.tmp deleted successfully.
C:\WINDOWS\System32\SET971.tmp deleted successfully.
C:\WINDOWS\System32\SET972.tmp deleted successfully.
C:\WINDOWS\System32\SET974.tmp deleted successfully.
C:\WINDOWS\System32\SET975.tmp deleted successfully.
C:\WINDOWS\System32\SET976.tmp deleted successfully.
C:\WINDOWS\System32\SET977.tmp deleted successfully.
C:\WINDOWS\System32\SET979.tmp deleted successfully.
C:\WINDOWS\System32\SET97A.tmp deleted successfully.
C:\WINDOWS\System32\SET97B.tmp deleted successfully.
C:\WINDOWS\System32\SET97C.tmp deleted successfully.
C:\WINDOWS\System32\SET97E.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET907.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET909.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET910.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET914.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET916.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET918.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET91A.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET91E.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET91F.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET920.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET921.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET922.tmp deleted successfully.
C:\WINDOWS\System32\dllcache\SET924.tmp deleted successfully.
C:\Dokumente und Einstellungen\CF.FreAk\Anwendungsdaten\Mozilla\Firefox\Profiles\bi6oylvg.default\searchplugins\askcom.xml moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\pmt_0piot.pad moved successfully.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\pmt_0piot.pad not found.
========== FILES ==========
[color=#A23BEC]< ipconfig /flushdns /c >[/color]
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\CF.FreAk\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\CF.FreAk\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 2193942 bytes
->Temporary Internet Files folder emptied: 5307553 bytes
->Flash cache emptied: 456 bytes
User: All Users
User: CF.FreAk
->Temp folder emptied: 207812 bytes
->Temporary Internet Files folder emptied: 393618 bytes
->FireFox cache emptied: 58686129 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 506 bytes
User: CF79EC~1~FRE
User: Crossfire
->Temp folder emptied: 25479 bytes
->Temporary Internet Files folder emptied: 562300 bytes
->FireFox cache emptied: 132446497 bytes
->Flash cache emptied: 1594 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2503692 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 193,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: CF.FreAk
->Flash cache emptied: 0 bytes
User: CF79EC~1~FRE
User: Crossfire
->Flash cache emptied: 0 bytes
User: Default User
User: LocalService
User: NetworkService
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.
OTL by OldTimer - Version 3.2.54.0 log created on 07222012_021439
Files\Folders moved on Reboot...
File move failed. G:\setup_vmc_lite.exe scheduled to be moved on reboot.
PendingFileRenameOperations files...
[2009.07.23 16:55:39 | 000,266,240 | R--- | M] (Vodafone) G:\setup_vmc_lite.exe : MD5=D95DCDD55595C3B316B02D1835D9FC25
Registry entries deleted on Reboot...
hier ist es vom OTL Fix.....
22.07.2012, 01:23
Baum-Darstellung