Freemotion | 09.01.2012 22:47 | However, the OTLPE scan does run if I don't enter anything into the text box for custom scans and fixes.
I don't know if it helps you, but here is the log for it:
OTL Logfile: Code:
OTL logfile created on: 1/9/2012 10:42:52 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.66 Gb Total Space | 5.71 Gb Free Space | 5.85% Space Free | Partition Type: NTFS
Drive D: | 833.85 Gb Total Space | 784.38 Gb Free Space | 94.07% Space Free | Partition Type: NTFS
Drive E: | 1.88 Gb Total Space | 1.87 Gb Free Space | 99.13% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2012/01/06 06:10:17 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/12/14 17:13:43 | 003,316,000 | ---- | M] () [Auto] -- C:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/11/28 07:19:56 | 000,265,120 | ---- | M] () [Auto] -- C:\Program Files\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV - [2011/07/03 08:42:54 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/30 10:33:39 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/07/20 05:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/07/11 13:00:06 | 000,080,392 | ---- | M] () [Auto] -- C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008/05/07 11:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/10/04 15:36:26 | 000,061,440 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) [Auto] -- C:\Program Files\Common Files\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (esgiguard)
DRV - File not found [Kernel | On_Demand] -- -- (EagleNT)
DRV - [2012/01/09 13:57:56 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011/11/28 07:19:46 | 000,836,496 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto] -- C:\Windows\System32\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV - [2011/07/03 08:42:54 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/03 08:42:54 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/03 05:17:48 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/06 12:24:07 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/04/10 23:45:37 | 000,185,856 | ---- | M] () [Kernel | System] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2009/02/13 05:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/12/01 17:14:33 | 004,179,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/02/14 01:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/10/04 03:14:26 | 000,017,280 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand] -- C:\Program Files\Common Files\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\***_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\***_ON_C\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\System32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\***_ON_C\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - Reg Error: Key error. File not found
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:58263
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: D:\Firefox\components [2012/01/08 15:14:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: D:\Firefox\plugins
Hosts file not found
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [6z0NmEQ2XVotYW4] C:\Users\***\AppData\Roaming\a4y34y3a4.exe (IObit )
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToADiMon.exe] C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\.DEFAULT..\Run: [6z0NmEQ2XVotYW4] C:\Windows\System32\config\systemprofile\AppData\Roaming\a4y34y3a4.exe (IObit )
O4 - HKU\.DEFAULT..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\***_ON_C..\Run: [4Y3Y0C3AVF7XWI4EQMRF] C:\Recycle.Bin\B6232F3A613.exe (AVM GmbH)
O4 - HKU\***_ON_C..\Run: [6z0NmEQ2XVotYW4] C:\Users\***\AppData\Roaming\a4y34y3a4.exe (IObit )
O4 - HKU\***_ON_C..\Run: [Akamai NetSession Interface] C:\Users\***\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\***_ON_C..\Run: [EA Core] File not found
O4 - HKU\***_ON_C..\Run: [ESL Wire] D:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
O4 - HKU\***_ON_C..\Run: [EvJOWall] D:\Program Files\EvJOSoft\Wallpaper Changer\EvJOWall.exe (EvJOSoft)
O4 - HKU\***_ON_C..\Run: [F01.exe] C:\Users\***\AppData\Roaming\Microsoft\0013\F01.exe ()
O4 - HKU\***_ON_C..\Run: [Gammacontrol] File not found
O4 - HKU\***_ON_C..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\***_ON_C..\Run: [Mozilla Firefox] C:\Users\***\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - HKU\***_ON_C..\Run: [Octoshape Streaming Services] File not found
O4 - HKU\***_ON_C..\Run: [Steam] C:\Program Files\Valve\Steam\steam.exe (Valve Corporation)
O4 - HKU\***_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [InfoCockpit] C:\Program Files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE (Deutsche Telekom AG, T-Com)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (C:\Users\***\AppData\Roaming\a4y34y3a4.exe) - C:\Users\***\AppData\Roaming\a4y34y3a4.exe (IObit )
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\system32\config\systemprofile\AppData\Roaming\a4y34y3a4.exe) - C:\Windows\System32\config\systemprofile\AppData\Roaming\a4y34y3a4.exe (IObit )
O20 - HKU\***_ON_C Winlogon: Shell - (C:\Users\***\AppData\Roaming\a4y34y3a4.exe) - C:\Users\***\AppData\Roaming\a4y34y3a4.exe (IObit )
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/09 08:14:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\3C022
[2012/01/08 18:01:36 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\***\AppData\Roaming\dwlGina3.dll
[2012/01/08 17:53:40 | 000,458,752 | ---- | C] (IObit ) -- C:\Users\***\AppData\Roaming\a4y34y3a4.exe
[2012/01/08 15:44:18 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/01/08 15:14:06 | 000,272,384 | ---- | C] (Microsoft Corporation) -- C:\Users\***\AppData\Local\tid.exe
[2011/12/16 18:37:03 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\KollegahDerBoss
[2011/12/14 17:16:58 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/12/14 17:16:58 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/12/14 17:16:57 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/14 17:16:56 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/12/14 17:16:56 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/12/14 17:16:56 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/12/14 17:16:56 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/12/14 17:16:56 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/12/14 17:16:56 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/12/14 17:16:56 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/12/14 17:16:54 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/12/14 17:16:49 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/14 17:16:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/09 14:10:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/09 14:10:16 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/09 14:10:16 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/09 14:10:14 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{424591B6-41FE-408B-A098-41A3958E63B2}.job
[2012/01/09 14:02:17 | 000,638,972 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/09 14:02:17 | 000,604,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/09 14:02:17 | 000,131,012 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/09 14:02:17 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/09 13:57:56 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys
[2012/01/09 13:57:52 | 3488,075,776 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/09 08:13:58 | 000,000,896 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.4254705252397837.exe.lnk
[2012/01/08 18:01:36 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\***\AppData\Roaming\dwlGina3.dll
[2012/01/08 15:31:14 | 000,458,752 | ---- | M] (IObit ) -- C:\Users\***\AppData\Roaming\a4y34y3a4.exe
[2012/01/08 15:25:24 | 000,010,554 | -HS- | M] () -- C:\Users\***\AppData\Local\647w8y7f5547
[2012/01/08 15:25:24 | 000,010,554 | -HS- | M] () -- C:\ProgramData\647w8y7f5547
[2012/01/08 15:14:06 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Users\***\AppData\Local\tid.exe
[2011/12/23 18:10:27 | 000,221,991 | ---- | M] () -- C:\Users\***\Desktop\Kollegah.jpg
[2011/12/18 12:02:56 | 000,001,688 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/12/15 15:08:03 | 000,433,784 | ---- | M] () -- C:\Users***\Desktop\zuckerrohr.jpg
[2011/12/15 14:30:08 | 000,014,960 | ---- | M] () -- C:\Users\***\Desktop\9303762-bratpfanne-mit-teflon-deckung-isolated-on-a-white-background.jpg
[2011/12/15 14:29:10 | 000,091,939 | ---- | M] () -- C:\Users\***\Desktop\Funktionskleidung.jpg
[2011/12/15 14:19:05 | 000,053,062 | ---- | M] () -- C:\Users\***\Desktop\20660_1.jpg
[2011/12/15 14:14:12 | 000,459,365 | ---- | M] () -- C:\Users\***\Desktop\plastic_objects.jpg
[2011/12/15 12:17:40 | 000,047,676 | ---- | M] () -- C:\Users\***\Desktop\kunststoff_auto.jpg
[2011/12/15 11:56:57 | 000,019,231 | ---- | M] () -- C:\Users\***\Desktop\k_kreis2.JPG
[2011/12/15 10:14:06 | 000,410,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/09 13:34:19 | 3488,075,776 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/09 08:13:58 | 000,000,896 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.4254705252397837.exe.lnk
[2012/01/08 15:14:07 | 000,010,554 | -HS- | C] () -- C:\Users\***\AppData\Local\647w8y7f5547
[2012/01/08 15:14:07 | 000,010,554 | -HS- | C] () -- C:\ProgramData\647w8y7f5547
[2011/12/23 18:10:26 | 000,221,991 | ---- | C] () -- C:\Users\***\Desktop\Kollegah.jpg
[2011/12/18 12:02:56 | 000,001,688 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/12/15 15:08:03 | 000,433,784 | ---- | C] () -- C:\Users***\Desktop\zuckerrohr.jpg
[2011/12/15 14:30:08 | 000,014,960 | ---- | C] () -- C:\Users\***\Desktop\9303762-bratpfanne-mit-teflon-deckung-isolated-on-a-white-background.jpg
[2011/12/15 14:29:09 | 000,091,939 | ---- | C] () -- C:\Users\***\Desktop\Funktionskleidung.jpg
[2011/12/15 14:19:05 | 000,053,062 | ---- | C] () -- C:\Users\***\Desktop\20660_1.jpg
[2011/12/15 14:14:12 | 000,459,365 | ---- | C] () -- C:\Users\***\Desktop\plastic_objects.jpg
[2011/12/15 12:17:40 | 000,047,676 | ---- | C] () -- C:\Users\***\Desktop\kunststoff_auto.jpg
[2011/12/15 11:56:57 | 000,019,231 | ---- | C] () -- C:\Users\***\Desktop\k_kreis2.JPG
[2011/07/05 07:47:24 | 000,265,120 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011/06/02 07:24:07 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2011/02/25 13:05:21 | 000,164,246 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011/02/25 13:05:13 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010/09/17 05:10:37 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2010/09/01 16:02:39 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\chrtmp
[2010/06/24 14:55:32 | 000,000,552 | ---- | C] () -- C:\Users\***\AppData\Local\d3d8caps.dat
[2010/05/11 07:29:13 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010/03/18 14:26:16 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db
[2010/02/10 07:58:34 | 000,000,097 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat
[2009/09/24 07:36:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 07:36:29 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/24 07:36:22 | 000,185,856 | ---- | C] () -- C:\Windows\System32\drivers\netbt.sys
[2009/05/28 06:14:08 | 000,000,760 | ---- | C] () -- C:\Users\***\AppData\Roaming\setup_ldm.iss
[2009/01/26 08:07:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/01/22 12:58:43 | 000,028,672 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/22 06:49:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/01/22 05:37:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/22 05:19:54 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/01/22 05:00:39 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/01/22 04:57:16 | 000,007,512 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2008/12/01 15:46:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/12/01 15:08:39 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/10/30 09:45:42 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/10/21 12:40:00 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008/10/21 12:40:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008/01/21 02:15:58 | 000,638,972 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 02:15:58 | 000,131,012 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/07/23 03:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 03:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007/07/23 03:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007/07/23 03:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 03:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007/07/23 03:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007/07/23 03:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007/07/23 03:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007/07/23 03:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/06/21 01:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,410,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,566 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,107,898 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2012/01/09 08:14:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\3C022
[2009/04/01 07:59:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Babylon
[2011/07/29 09:27:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2011/03/01 11:57:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/11/07 14:49:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Electronic Arts
[2011/12/10 12:53:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\EvJOWallpaper
[2009/02/21 05:20:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FOG Downloader
[2009/08/11 14:01:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2011/05/04 06:41:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hardcore
[2011/09/07 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HLSW
[2012/01/08 15:17:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2011/02/25 13:22:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Image Zone Express
[2009/01/23 05:42:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010/02/10 11:08:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\McLoad
[2010/07/16 17:35:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia
[2010/09/20 14:45:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2009/06/22 14:55:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pokerth
[2011/02/25 13:22:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Printer Info Cache
[2011/01/21 19:33:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SynthMaker
[2010/02/10 07:59:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\T-Online
[2011/09/20 10:24:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2011/06/30 14:14:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tobit
[2011/05/18 07:07:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2011/03/24 12:32:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\UltraMixer
[2009/04/24 06:37:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VOIPlay
[2009/01/22 04:55:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/04/01 08:45:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/01/22 04:55:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/07/22 13:41:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2010/12/11 20:47:51 | 000,000,000 | ---D | M] -- C:\ProgramData\ESL Wire
[2009/01/22 04:55:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2010/02/15 13:49:30 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2009/01/22 14:34:07 | 000,000,000 | ---D | M] -- C:\ProgramData\NexonEU
[2011/02/25 12:46:39 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Drivers HeadQuarters
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/01/22 04:55:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2010/02/10 07:56:25 | 000,000,000 | ---D | M] -- C:\ProgramData\T-Online
[2009/02/09 13:33:31 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/12/14 09:52:11 | 000,000,000 | ---D | M] -- C:\ProgramData\TrackMania
[2009/09/26 04:43:02 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2009/01/22 04:55:11 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/04/06 06:30:29 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2010/04/03 13:06:35 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/26 04:41:23 | 000,000,000 | -HSD | M] -- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/09/17 07:45:59 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/28 08:47:46 | 000,000,000 | ---D | M] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/01/09 14:10:16 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/09 14:10:14 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{424591B6-41FE-408B-A098-41A3958E63B2}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >